Viimeisimmät artikkelit
app service AZSK Azure express-validator expressJS HelmetJS NodeJS Web Application Firewall web apps
Defence in depth: Securing Azure App Service with Azure Front Door WAF, NodeJS runtime Security enhancements tested with OWASP ZAP
I’ve been recently playing around with Azure Front Door, and it’s WAF Policies. Here are some notes I decided toLue lisää
Developer experience on steroids with Azure AD App Proxy and Azure Functions Host
I’ve been using Azure AD App Proxy a lot in my time and I continue finding it useful in newLue lisää
TOP3 Picks from Azure Security Center Standard
I was recently discussing with a another Azure Aficionado about value proposition of Security Center Standard in comparison to stayingLue lisää
Azure AD B2X is here ! (yes B2X, not B2C or B2B) – Debugging and insights
Now that we are past the click-bait title (B2X), lets dig into Azure AD External Identities which was unveiled atLue lisää
AAD App Registrations custom claims grant-type:jwt-bearer Group Claims NodeJS OAuth2 SAML saml1_1-bearer
Deep Diver – Azure AD Groups/Roles claims for developers and IT pro’s with code examples
Background Many enterprise applications rely on group /role information to be passed on assertions for authorization, and further role decisions.Lue lisää
AAD Azure AD Device Login AzureAD Conditional Access Exchange HMA Hybrid Hybrid Modern Authentication MFA OAuth2 Office 365 Password Sync Productivity SAML
Lab: Zero Trust Exchange 2016 with AAD oAuth2 and SAML (KEMP)
Welcome to the lab post regarding implementing ”Zero Trust”, or identity perimeter-ish controls for your’re hybrid environment: this part isLue lisää
Don’t try this at home (or how to enable Core Server Remote Management for AD FS GUI)
I’ve been running AD FS on Core servers for some time now, mostly because I like the smaller footprint and centralizedLue lisää
Research for CAOptics – Azure AD Conditional Access – Investigating Guest user conditions parity between new and old policies
Backround I wanted to document some research related to updating Guest condition features of CaOptics – Feedback appreciated if youLue lisää
Public Disclosure: Databricks – Former standard clusters & admin privilege escalation
This is linking post to article I co-wrote with Databricks. Original post: https://www.databricks.com/blog/2022/10/10/admin-isolation-shared-clusters.html while back I was researching another avenueLue lisää
Azure Devops – Update network restricted App Service via Microsoft-hosted Azure DevOps agent
Most typical reason I see that the SCM endpoint is not secured on App Services is that these apps areLue lisää
Azure AD Workload Federation anywhere?
I decided to write an post into creation of Azure AD Workload Identity using the option ’Workloads running in computeLue lisää
Highly experimental – Bypassing trusted Device requirements for Azure CLI in restricted environments where API’s are only available for browser sessions
Some environments require trusted device to access API’s on mobile and desktop clients (which AZ CLI is categorized as) –Lue lisää
SecureCloudBlog 