Viimeisimmät artikkelit
app service AZSK Azure express-validator expressJS HelmetJS NodeJS Web Application Firewall web apps
Defence in depth: Securing Azure App Service with Azure Front Door WAF, NodeJS runtime Security enhancements tested with OWASP ZAP
I’ve been recently playing around with Azure Front Door, and it’s WAF Policies. Here are some notes I decided toLue lisää
Developer experience on steroids with Azure AD App Proxy and Azure Functions Host
I’ve been using Azure AD App Proxy a lot in my time and I continue finding it useful in newLue lisää
TOP3 Picks from Azure Security Center Standard
I was recently discussing with a another Azure Aficionado about value proposition of Security Center Standard in comparison to stayingLue lisää
Azure AD B2X is here ! (yes B2X, not B2C or B2B) – Debugging and insights
Now that we are past the click-bait title (B2X), lets dig into Azure AD External Identities which was unveiled atLue lisää
AAD App Registrations custom claims grant-type:jwt-bearer Group Claims NodeJS OAuth2 SAML saml1_1-bearer
Deep Diver – Azure AD Groups/Roles claims for developers and IT pro’s with code examples
Background Many enterprise applications rely on group /role information to be passed on assertions for authorization, and further role decisions.Lue lisää
AAD Azure AD Device Login AzureAD Conditional Access Exchange HMA Hybrid Hybrid Modern Authentication MFA OAuth2 Office 365 Password Sync Productivity SAML
Lab: Zero Trust Exchange 2016 with AAD oAuth2 and SAML (KEMP)
Welcome to the lab post regarding implementing ”Zero Trust”, or identity perimeter-ish controls for your’re hybrid environment: this part isLue lisää
Don’t try this at home (or how to enable Core Server Remote Management for AD FS GUI)
I’ve been running AD FS on Core servers for some time now, mostly because I like the smaller footprint and centralizedLue lisää
Azure Devops – Update network restricted App Service via Microsoft-hosted Azure DevOps agent
Most typical reason I see that the SCM endpoint is not secured on App Services is that these apps areLue lisää
Azure AD Workload Federation anywhere?
I decided to write an post into creation of Azure AD Workload Identity using the option ’Workloads running in computeLue lisää
Highly experimental – Bypassing trusted Device requirements for Azure CLI in restricted environments where API’s are only available for browser sessions
Some environments require trusted device to access API’s on mobile and desktop clients (which AZ CLI is categorized as) –Lue lisää
Bypassing sign-in frequency requirements for Conditional Access on 3rd party clients
Based on recent testing SIF (sign-in-frequency) enforcement can be bypassed when refresh token is available for exchange¹ on third party²Lue lisää
Azure AD Cross-tenant attacks via multi-tenant implants (servicePrincipals)
I decided to do short write-up since I’ve been getting lot of questions about this attack type originally discovered byLue lisää
SecureCloudBlog 