July 14: Thomas Maurer on Azure Arc for the Microsoft Security Insights Podcast and Twitch Stream

A couple weeks back during the Microsoft Security Insights Podcast, the topic of Azure Arc came up in reference to the new AMA client that uses DCRs to help filter the Windows events collected from on-prem servers and sent to the Log Analytics workspace for Azure Sentinel. At the time, I suggested Thomas Maurer would … Continue reading July 14: Thomas Maurer on Azure Arc for the Microsoft Security Insights Podcast and Twitch Stream →

Intune – Query Azure AD Bitlocker Keys using Graph API

The Issue If you have recently started using the BitLocker Encryption options out of Intune whether its device configuration or the endpoint protection encryption portion you will see there are many great reports like the encryption below. The problem is its quite hard to see if your machines have backed up their keys to Azure … Continue reading Intune – Query Azure AD Bitlocker Keys using Graph API →

Azure – “Executing Runbooks with Power Platform and Webhooks”

The Question In a recent Workshop I wanted to explain how you could use webhooks in clever ways to kick off specific tasks in Azure Automation. Specifically I wanted to create a Power App where I could just click a button and all my Az Modules in my Azure Automation Account gets updated. You can … Continue reading Azure – “Executing Runbooks with Power Platform and Webhooks” →

How to Automate the Backup of Azure Sentinel Tables to Long-term Storage Using Cloud Shell

Azure Sentinel customers with specific policies around data retention and the ability to retain data longer than Log Analytics allows, are interested in knowing how to move their Azure Sentinel tables to long-term storage. In a more recent blog post, Matt Lowe talked about how to Move Your Azure Sentinel Logs to Long-Term Storage with … Continue reading How to Automate the Backup of Azure Sentinel Tables to Long-term Storage Using Cloud Shell →

Collect and export SMBv1 audit events using Azure Log Analytics

In this blog I will demonstrate how to collect the SMBv1 audit events in Azure Log Analytics. I will also show a simple query to extract the IP information from these events which can be exported to a CSV file if needed.

Azure – Assign A Custom Role to Allow Specific Users to Stop/Start/Restart a specific VM

The Issue A customer recently had the need to only allow specific Server Owners to Start\Restart\Deallocate specific Virtual Machines. The Investigation I actually found this article that explains how to create this for an assignment to an entire subscription. https://techcommunity.microsoft.com/t5/itops-talk-blog/step-by-step-enabling-custom-role-based-access-control-in-azure/ba-p/363668 You use the mentioned JSON File, { "Name": "Restart Virtual Machines", "IsCustom": true, "Description": "Restart … Continue reading Azure – Assign A Custom Role to Allow Specific Users to Stop/Start/Restart a specific VM →

Azure GitHub Actions and Workflows

Let me give you an introduction how to use the power of GitHub Actions and Workflows to deploy resources into Azure. I'm going to explain you the basics of GitHub Actions, Workflows, runners and how to deploy resources into Azure. At the end of this post you should have understood how GitHub Actions and Workflows … Continue reading Azure GitHub Actions and Workflows →

Azure – Point to Site Transit Traffic over Connected VNETs Issue

The Issue Recently one of my customers experienced an issue where we wanted to achieve the below. The reason was we wanted machines out on the internet to communicate with Active Directory Servers by using the Azure VPN Client. The Investigation So there are two ways to achieve a "Connection" between Virtual Networks. You can … Continue reading Azure – Point to Site Transit Traffic over Connected VNETs Issue →

SAP DR on Azure Part 3

This document would like to be a simple guide to give DR on Azure of a SAP environment. Due to the nature and importance of the workload described, this guide is intended as a high level reference that must be integrated with more specific documentation if interested in realize SAP DR solution on Azure.