Code as Code – Managing Azure Automation with Terraform

Introduction Azure Automation is a robust tool that provides administrators with the ability to execute tasks either on Azure or on-premises (through a hybrid worker). If you're familiar with Azure Automation, you've likely configured a lot of settings, including runbooks, schedules, RBAC permissions, variables and PowerShell modules. In certain organizations, these configurations can amount to … Continue reading Code as Code – Managing Azure Automation with Terraform →

Microsoft Defender for Server Reference Architecture and Deployment Guide

When coming to deploying Defender for Servers within Microsoft Defender for Cloud, there are a number of considerations and factors which need focus to ensure a successful implementation. My goal here is to provide a reference architecture with steps that show at a high level the core areas of focus, calling out core integrations and … Continue reading Microsoft Defender for Server Reference Architecture and Deployment Guide →

Assign M365 license via Graph PowerShell SDK

If you are looking for a easier and a faster way to assign M365 license, then you have landed on the right page. Instead of using the M365 admin portal, Microsoft Graph PowerShell SDK is the new shiny tool to automate the assignment of license. What is Graph PowerShell SDK Microsoft Graph PowerShell Module consists … Continue reading Assign M365 license via Graph PowerShell SDK →

Automate your SOC – Oh, that user again?

Adding user risk to your STAT playbook Now that you’ve got your first playbook set up, let’s talk about what each module does. We’re going to start with the Azure AD Risks module. This module retrieves several pieces of information to help enrich your incident. The risk level for the users in the incident as … Continue reading Automate your SOC – Oh, that user again? →

Azure AD PowerShell to Microsoft Graph PowerShell

Overview: You might have heard about AzureAD PowerShell module deprecation. So, in this article we will summarize the migration between Azure AD PowerShell to Microsoft Graph PowerShell and will provide you with all the relevant info and links in one place, to get you up and running with the new MS Graph Module. The best … Continue reading Azure AD PowerShell to Microsoft Graph PowerShell →

Use Winget Windows Package Manager Tool to Install Published Apps using Intune

Now that the Microsoft Store for Business has been retired and the new integration between Intune and the Microsoft Store, we have seen that the specific application you are looking for might not yet be available, but is available on the winget repository. In this blog I will show you how to create such applications … Continue reading Use Winget Windows Package Manager Tool to Install Published Apps using Intune →

Automate your SOC – Risky Business

Giving your incidents a risk score So, you’ve installed STAT using the deployment ARM template? Yes, ok let’s go. If not, see our tutorial on getting it installed here. Let’s start by navigating to your Logic Apps blade in the Azure portal. Here you will see that STAT installed fifteen logic apps. We will go … Continue reading Automate your SOC – Risky Business →

Microsoft Secure Digital Event

Join us March 28 at 8:30 AM PDT for a brand-new digital event, Microsoft Secure—a place for security professionals to explore the most comprehensive, industry-leading solutions to help you protect everything.

Automate your SOC – Let’s talk about STAT, baby

Let's talk about SIEM and me...let's talk about all the good things Last week, we talked about automating your SOC with the Microsoft Sentinel Triage Assistant (STAT). So this week, we thought it would be a good idea to talk about how to get STAT deployed in your Sentinel environment. Remember that STAT consists of … Continue reading Automate your SOC – Let’s talk about STAT, baby →

Use the Microsoft Authenticator application as backup sign-in method when mobile device has no connectivity.

You can use the Microsoft Authenticator application to complete MFA (Multi-Factor Authentication) sign-in when your mobile device has no connectivity. The Authenticator application functions as the primary and backup sign-in method.