Cloudbrothers
Posts
Categories
About me
Talks
english
english
Deutsch
Cloudbrothers
Cancel
Posts
Categories
About me
Talks
english
english
Deutsch
All Categories
Azure AD
Continuous access evaluation
Use Unified Sign-In logs in Advanced Hunting
Windows Hello for Business Cloud Trust and KDC proxy
Why using a FIDO2 security key is important
Azure Attack Paths
More >>
Security
Use UEBA in Microsoft Sentinel to your advantage
Gradual rollout process for Microsoft Defender
Windows Hello for Business Cloud Trust and KDC proxy
Why using a FIDO2 security key is important
Azure Attack Paths
More >>
Identity and Access
Continuous access evaluation
Just-In-Time role assignment in Microsoft Defender
Alert changes to sensitive AD groups using MDI
Bypass sensitivity label restrictions with mobile Edge and conditional access policies
Journey To Passwordless: Restrict FIDO2 key usage & conclusion
More >>
Conditional Access
Continuous access evaluation
Bypass sensitivity label restrictions with mobile Edge and conditional access policies
Journey To Passwordless: Restrict FIDO2 key usage & conclusion
Journey To Passwordless: Microsoft Authenticator App
Journey To Passwordless: PowerShell administration without a password
More >>
KQL
Use UEBA in Microsoft Sentinel to your advantage
Microsoft Defender for Endpoint Device Health
Use Unified Sign-In logs in Advanced Hunting
Why using a FIDO2 security key is important
Azure Attack Paths
More >>
Azure
Use UEBA in Microsoft Sentinel to your advantage
Use Unified Sign-In logs in Advanced Hunting
Azure Attack Paths
Persistence with Azure Policy Guest Configuration
Operator mvexpand: expanded expression expected to have dynamic type
More >>
PowerShell
Azure Attack Paths
Manage group policies with PowerShell
Use Pulse Secure on Windows 11
PowerShell Tip: Resolve SPF Records
Test UDP connection with PowerShell
More >>
Defender for Endpoint
Microsoft Defender for Endpoint Device Health
Update to the Hitchhiker's Guide to Microsoft Defender for Endpoint exclusions
Gradual rollout process for Microsoft Defender
The Hitchhiker's Guide to Microsoft Defender for Endpoint exclusions
Detect and alert on unusual high phish or malware email volume
More >>
Microsoft 365
The case of the... MapiExceptionShutoffQuotaExceeded
Microsoft 365 license overview
Phase out Legacy Authentication - Endgame
Phase out Legacy Authentication - The next 9%
Phase out Legacy Authentication - The first 90%
More >>
Passwordless
Windows Hello for Business Cloud Trust and KDC proxy
Why using a FIDO2 security key is important
Journey To Passwordless: Restrict FIDO2 key usage & conclusion
Journey To Passwordless: Microsoft Authenticator App
Journey To Passwordless: PowerShell administration without a password
More >>
FIDO2
Why using a FIDO2 security key is important
Journey To Passwordless: Restrict FIDO2 key usage & conclusion
Journey To Passwordless: Microsoft Authenticator App
Journey To Passwordless: PowerShell administration without a password
Journey To Passwordless: Windows 10 Device Onboarding and Windows Hello for Business
More >>
Defender AV
Microsoft Defender for Endpoint Device Health
Update to the Hitchhiker's Guide to Microsoft Defender for Endpoint exclusions
Gradual rollout process for Microsoft Defender
The Hitchhiker's Guide to Microsoft Defender for Endpoint exclusions
Current limits of Defender AV Tamper Protection
More >>
Windows
Gradual rollout process for Microsoft Defender
Current limits of Defender AV Tamper Protection
Defender for Endpoint - Did the Antivirus scan complete?
Create a Network Trace Without Wireshark
Test UDP connection with PowerShell
More >>
User Group
Speaking @ Cloud Identity Summit 2022
Speaking @ Cloud Workplace Meetup
Speaking @ Microsoft Cloud Security User Group
Speaking @ Trust in Tech Cologne
Speaking @ Cloud Management User Group
Windows Server
Gradual rollout process for Microsoft Defender
Current limits of Defender AV Tamper Protection
Defender for Identity, Npcap on Windows Server 2022
SCHANNEL settings in Azure Windows Marketplace image changed
Clear computer Kerberos ticket and certificate cache
Log Analytics
Use Unified Sign-In logs in Advanced Hunting
Operator mvexpand: expanded expression expected to have dynamic type
Query the Log Analytics Workspace for all Azure VM
Azure Log Analytics - RegEx case insensitive
Network
Create a Network Trace Without Wireshark
Test UDP connection with PowerShell
Optimize your Microsoft Teams traffic with QoS on a UniFi USG
Find a free IP address in Azure
Active Directory
Exploit samAccountName spoofing with Kerberos
Manage group policies with PowerShell
Alert changes to sensitive AD groups using MDI
Advanced Hunting
Use Unified Sign-In logs in Advanced Hunting
Alert changes to sensitive AD groups using MDI
Automated response to C2 traffic on your devices
MFA
Windows Hello for Business Cloud Trust and KDC proxy
Why using a FIDO2 security key is important
Why the new MFA registration benefits your users
Office 365
Microsoft 365 license overview
Optimize your Microsoft Teams traffic with QoS on a UniFi USG
Is this ip address part of the Office 365 IP address range?
PKI
Golden Certificate and OCSP
The case of the... Intune SCEP Profil hangs in pending state
Clear computer Kerberos ticket and certificate cache
The case of the
The case of the... MapiExceptionShutoffQuotaExceeded
The case of the... The Sign-in method you're using isn't allowed
The case of the... Intune SCEP Profil hangs in pending state
Automation
Certificate management with Azure Automation and Let's Encrypt
AzureRM.Network 0.9 breaks Azure Automation Runbooks
Defender for Identity
Alert changes to sensitive AD groups using MDI
Defender for Identity, Npcap on Windows Server 2022
Exchange
The case of the... MapiExceptionShutoffQuotaExceeded
PowerShell Tip: Resolve SPF Records
Intune
The case of the... The Sign-in method you're using isn't allowed
The case of the... Intune SCEP Profil hangs in pending state
Module
AzureSimpleREST Module
PowerShell Modul Development: Pester Tests
Sentinel
Use UEBA in Microsoft Sentinel to your advantage
Azure Attack Paths
TIL
Operator mvexpand: expanded expression expected to have dynamic type
TIL BitLocker + YubiKey = ❤️
ARM
Azure Availability Sets vNet dependency
Backup
"Reverse engineering" the Azure REST API
Defender
Gradual rollout process for Microsoft Defender
Defender for Office 365
Detect and alert on unusual high phish or malware email volume
DSC
Persistence with Azure Policy Guest Configuration
Excel
Query the Log Analytics Workspace for all Azure VM
GPO
Manage group policies with PowerShell
HHPSUG
Manage group policies with PowerShell
Kerberos
Exploit samAccountName spoofing with Kerberos
Let's Encrypt
Certificate management with Azure Automation and Let's Encrypt
Microsoft Information Protection
Bypass sensitivity label restrictions with mobile Edge and conditional access policies
Microsoft Teams
Optimize your Microsoft Teams traffic with QoS on a UniFi USG
OMS
Query the Log Analytics Workspace for all Azure VM
Pester
PowerShell Modul Development: Pester Tests
Proxy
Proxy, Proxy on the Wall...
PSScriptAnalyzer
PowerShell Modul Development: Pester Tests
REST
"Reverse engineering" the Azure REST API
Tools
Clear computer Kerberos ticket and certificate cache
UniFi
Optimize your Microsoft Teams traffic with QoS on a UniFi USG
YubiKey
TIL BitLocker + YubiKey = ❤️