If you find any help of the blogs follow us at @twitter to stay updated!
Follow @santasalojoosua Follow @MarkusPitkranta Follow @samilamppu
aadjwt / ExpressJS middleware for validating Azure AD JWT tokens on all routes (1/15/2020)
Azure AD Application Proxy – SSO and Authorization notes from the field (1/7/2020)
Experimental testing: Azure AD Application Proxy With Azure Application Gateway WAF (1/2/2020)
Reddit Thread Answer: Azure AD – Autologon endpoint (12/26/2019)
Azure AD App Proxy|Forward incoming JWT token to backend service: What are my choices? (12/21/2019)
NodeJS Logging integration with Azure Log Analytics/Sentinel (12/20/2019)
HelSec Azure AD write-up: Phishing on Steroids with Azure AD Consent Extractor (12/17/2019)
Deep Diver – Azure AD Identity Protection (IPC) Alerts (12/12/2019)
AAD Security made easy: Check your Azure AD Security with One-Liner (AZSK.AAD) (12/4/2019)
Advisories 1-2: Azure AD and Common WS-Trust MFA Bypass explained (10/8/2019)
Azure AD – Add Custom claims for WS-Federation applications (10/3/2019)
Defender ATP and Live Response (9/9/2019)
Azure Log Analytics – Permission Models (9/9/2019)
Identity and Access in Security Center? (8/30/2019)
LAB: Microsoft Defender ATP and Conditional Access (8/16/2019)
Deploy: Native Exchange ActiveSync with Conditional Access and Intune while blocking legacy auth? (6/10/2019)
Azure AD Directories and B2B user decision matrix – One-slider (6/6/2019)
Add sAMAccountName to Azure AD Access Token (JWT) with Claims Mapping Policy (and avoiding AADSTS50146) (6/6/2019)
Concept: Publish on-prem API using AAD App Proxy and API Management with Azure AD JWT Bearer Grant (6/1/2019)
Azure API Management – JWT validation for multiple Azure AD partner registrations (5/22/2019)
Deep Diver: Azure AD B2B (5/6/2019)
Office 365 & AAD baseline security one-sliders (2/25/2019)
Enable Microsoft Security Graph Alerts in Log Analytics (2/19/2019)
aka.ms/olsRockStars (2/18/2019)
Lab: Zero Trust Exchange 2016 with AAD oAuth2 and SAML (KEMP) (2/3/2019)
Best tip ever for Azure Security – Security Center built-in policies (12/9/2018)
You can’t hide things in AAD (10/16/2018)
Tips&Tricks- Securing Activesync Access to Exchange Online with 365 MDM (10/15/2018)
Demonstration – Illicit consent grant attack in Azure AD / Office 365 (10/2/2018)
Testing: Conditional Access: Strong Proof Up for Azure MFA in the cloud (9/5/2018)
Easy rundown for ’Your 2FA is mine also’ | CVE-2018-8340 | AD FS Security Feature Bypass Vulnerability (8/15/2018)- Risky IP’s and Traffic Analytics (6/21/2018)
Don’t try this at home (Or configuring AD FS against Azure AD Domain Services) (6/10/2018)
Cheat sheet: AD FS and Azure AD Hybrid Conditional Access (6/2/2018)- Don’t try this at home (or how to enable Core Server Remote Management for AD FS GUI) (5/25/2018)
Azure AD Federation with KEMP (5/21/2018)
Creating Custom Multi-Factor Authentication Client with Azure Functions (5/19/2018)
Going beyond specification (5/19/2018)
