Showing items from Security

Deploy and monitor conditional access authentication strength automated

Sander Rozemuller
Date : October 6, 2022
Categories : Azure ad ,Security
Tags : Conditional access ,Monitoring

Conditional access is an indispensable configuration setting in Azure AD. Conditional Access policies are in basic if-then statements, if a user wants to access a resource, then they must complete an action. Example: A payroll manager wants to access the payroll application and is required to do multi-factor authentication to access it. Or, it requires everyone to use multifactor authentication. Multifactor authentication can be a password in combination with an SMS or the use of the Microsoft Authenticator app for example. In the past, a user can choose to use SMS or the authenticator or what the admins provide you to use.

Deploy and monitor conditional access authentication strength automated

Sander Rozemuller
Date : October 6, 2022
Categories : Azure ad ,Security
Tags : Conditional access ,Monitoring

Enroll AVD session host with Trusted Launch automated

Date : July 26, 2022
Categories : Identity ,Security ,Azure virtual desktop
Tags :

In this blog post I show how to deploy an AVD session host with the Trusted Launch, secure boot and vTPM. This option is now Generally Available. I show how to deploy the AVD session host with the REST API and with the Az.Avd PowerShell module from a Compute Gallery image.

Monitor Identity Secure Score security improvement action status

Sander Rozemuller
Date : May 29, 2022
Categories : Entra ID ,Monitoring ,Security
Tags : Automation ,Azure ad ,Power shell ,Rest API

An Azure tenant is the Microsoft public cloud base. It is very important to keep your bases as secure as possible. To keep your tenant secure, Microsoft provides actions that give you insights into your tenant’s security and how to improve it. In this blog, I show how to monitor the secure score security improvement action status.

Monitor security baselines in Endpoint Security

Sander Rozemuller
Date : April 5, 2022
Categories : Microsoft intune ,Monitoring ,Security
Tags : Microsoft intune ,Microsoft intune powered ,Monitoring ,Rest API ,Security baselines

A security baseline has some values which are interesting to know. It has a status that tells us the current deployment status if a profile is assigned or is deprecated. In this post, I show how to monitor security baselines. The current status, versions, and if a profile is assigned. I will explain which data is important, how to get the data and show different ways to send alerts.

Microsoft Intune security baselines explained

Sander Rozemuller
Date : February 23, 2022
Categories : Graph API ,Microsoft intune ,Power shell ,Security
Tags : Automation ,Microsoft intune ,Microsoft intune powered ,Rest API ,Security baselines

During writing automation blog posts about deploying security baselines automated, I felt the need to write a new blog about how these security baselines actually work. Not in the way how security baselines are deployed but how security baselines are built. Which components does a baseline have and how do settings fit together. In this blog post, I peel off a security baseline and explain how to grab the correct settings.