Tag Archives: Security

Using TOTP Tokens with Azure AD – Part 2/2: Programmable Tokens

Posted on 04/06/2022 by Marcel Zehner

In the first part of this series I explained and demonstrated the process how non-programmable TOTP tokens can be used as a possible alternative to the Microsoft Authenticator app. In this second post I will cover programmable tokens. Non-programmable tokens … Continue reading →

Posted in Azure, Security | Tagged authentication, azure, azure ad, mfa, microsoft, Security | 1 Comment

Using TOTP Tokens with Azure AD – Part 1/2: Non-programmable Tokens

Posted on 03/06/2022 by Marcel Zehner

If password-based authentication is in place, the additional use of a second factor (or multi-factor (MFA) authentication) is highly recommended to enhance the security of identities and to strengthen the authentication process. The Microsoft Authenticator app running on a smartphone … Continue reading →

Posted in Azure, Security | Tagged 2fa, authentication, azure, azure ad, mfa, microsoft, Security, token | 1 Comment

Microsoft Cloud App Security – Manual Import of custom Log Files (GUI)

Posted on 25/05/2021 by Marcel Zehner

Microsoft Cloud App Security (MCAS) is Microsoft’s CASB (cloud access security broker). It is a service that sits between your cloud app consumers and the cloud apps they are using and acts as a security and compliance enforcement point. Before … Continue reading →

Posted in Security | Tagged apps, casb, cloud, custom logs, log parser, mcas, Security, shadow it | Leave a comment

Disable Azure Storage Account Access Keys (Preview)

Posted on 31/01/2021 by Marcel Zehner

Several months ago I published this article which discusses the problem of Azure services that use a public endpoint together with its available authentication options. If companies do not understand these mechanics, they put their environment at risk. For Azure … Continue reading →

Posted in Azure | Tagged access key, authentication, azure, endpoint, public, Security, storage, storage account | Leave a comment

Are you really ready to use Azure?

Posted on 27/06/2020 by Marcel Zehner

Deploying services in Azure is as simple as going to the marketplace and filling out a form. And boom, a new service or resource is up and running. This is great because it saves time and makes services accessible to … Continue reading →

Posted in Azure | Tagged access key, authentication, azure, azure ad, endpoint, master, mastering, network access, public endpoint, Security, storage account, user account | 1 Comment

Azure Security Center – Workflow Automation

Posted on 13/06/2020 by Marcel Zehner

Azure Security Center (ASC) is your main stop when you need a first broad overview of your environment’s security posture. If there is potential to improve your overall security, ASC will give you recommendations that explain how a specific resource … Continue reading →

Posted in Azure | Tagged asc, automation, azure, azure security center, logic app, response, Security, workflow | 1 Comment