Cloudbrothers
Azure Attack Paths Posts Categories About me Talks english
Cloudbrothers
/images/avatar.png

Work and live with IT

/en/prevent-phishing-based-domain-registrations/images/Preview.png

Prevent phishing based on domain registrations

 published on  included in Analytics Rules Defender for Endpoint KQL Sentinel Microsoft 365 Defender
Business email compromise and phishing are just two of the threats sent to hundreds and thousands of email inboxes around the world every day. As defenders, we use various tools and methods to limit the delivery of these emails to the intended target. In most cases, the attackers start by registering a domain that closely resembles the target company’s own domain name, or simply include the company name in the domain (e.
Read More
/en/analyticsrules-exchange/images/Preview.png

AnalyticsRules.Exchange

 published on  included in Analytics Rules KQL Log Analytics Security Sentinel PowerShell
Over the weekend I finished a really fun project I had in mind for a couple of weeks. My newest website: AnalyticsRules.Exchange In this post I will explain the reason why I created this new website, as well on how I did it. At the moment I will not publish the code, not because I don’t want to share it, but because it’s super ugly and not something I want to be a source for other people to start with.
Read More
/en/speaking-m365-security-compliance-fido/images/Preview.png

Speaking @ Microsoft 365 Security & Compliance User Group

 published on  included in User Group
On Wednesday, October 26, I will be speaking at the Microsoft 365 Security & Compliance User Group. The topic of my talk is “Why using a FIDO2 security key is important”. Abstract Learn why classic MFA based authentication is still at risk of being phished using AiTM techniques and how FIDO2 security keys can mitigate such attacks. You can also use Entra ID (Azure AD) conditional access to add an additional layer of security.
Read More
/en/conditional-access-authentication-strength/images/Preview.png

Conditional Access Authentication strength

 published on  included in Azure Azure AD Entra ID Entra FIDO2 Security MFA
When using Microsoft Entra Entra ID (Azure AD), you can choose between a wide range of MFA options as an admin and user. Depending on the method you choose this can be a very strong second factor (e.g., FIDO2), or it could be a weaker second factor like text messages. Up until now there was no way to distinguish between the different methods. But with the recent announcement about authentication strength this changes.
Read More
/en/speaking-cloud-identity-summit-2022/images/Preview.png

Speaking @ Cloud Identity Summit 2022

 published on  included in User Group
On Thursday, September 22nd , I will be speaking at the Cloud Identity Summit 2022. The Cloud Identity Summit focuses on Cloud Identity Management, various aspects such as identity protection, managing external accounts, passwordless and much more. The Cloud Identity Summit is a free event that focuses on the exchange between the participants. The group of participants is international and comes from different areas and industries. In my talk titled “Azure Attack Paths”, I will describe various attack vectors and techniques for the Azure Cloud.
Read More