Intune – “Conditional Access, Terms of Use and The Company Portal”

The Issue We recently had an issue where we tried to use the Conditional Access setting and only granting Terms of Use for an Android Device Enrollment. The Investigation What happens now is as described in our docs article Terms of use - Azure Active Directory | Microsoft Docs - The authenticator app installs... Why … Continue reading Intune – “Conditional Access, Terms of Use and The Company Portal”

Publish Custom PowerShell Workflows to Azure Automation

Introduction Writing Runbooks in Az Automation is possible in the following languages: PowerShell and Python, in PowerShell it is also possible to write PowerShell Workflow. In this blog post, I will walk through some highlights in writing 'PowerShell Workflow' and how to upload it to 'Runbook gallery' in Azure Automation. The pros and cons of using Workflow The … Continue reading Publish Custom PowerShell Workflows to Azure Automation

Microsoft Endpoint Manager – “Defeating Vulnerability Scans”

The Issue In Operations you may get approached by your Security Team from time to time to help them close new Vulnerabilities that have been identified after a Vulnerability Scan was run. It might look like the below and contain a list of Vulnerabilities that need to be addressed. The Investigation If you are lucky … Continue reading Microsoft Endpoint Manager – “Defeating Vulnerability Scans”

Setting up an Android Emulator for testing Intune features

Overview As more customers leverage either standalone Microsoft Intune or Microsoft Endpoint Manager for cloud management of their devices they also seek an efficient means to upskill administrators on Intune features and capabilities without the need to purchase devices upfront for testing.   Scenario I recently delivered a workshop where attendees experienced the above issue … Continue reading Setting up an Android Emulator for testing Intune features

How to Connect Azure Kubernetes to Azure Sentinel

Not surprisingly I had a couple customers and someone on Twitter ask recently about how they could use Azure Sentinel to query against and monitor the Kubernetes service and containers. It's just early days for me as I start to test and expose the security events that are available in the data that is ingested, … Continue reading How to Connect Azure Kubernetes to Azure Sentinel

How to Automate the Backup of Azure Sentinel Tables to Blob Storage Using PowerShell

Not too long ago I wrote a blog post describing how to use Cloud Shell to create Export Rules for automating the backup of Azure Sentinel tables to Blob storage for long-term backup. This is useful for those organizations that need to store data, due to policy, for longer periods than the default 2 years … Continue reading How to Automate the Backup of Azure Sentinel Tables to Blob Storage Using PowerShell