SecureCloudBlog

julkaissut Joosua Santasalo 28 toukokuun, 2021 0

Using PowerShell to find dangling Redirect URI’s in Azure AD Tenant

julkaissut Joosua Santasalo 25 marraskuun, 2020 0

app service AZSK Azure express-validator expressJS HelmetJS NodeJS Web Application Firewall web apps

Defence in depth: Securing Azure App Service with Azure Front Door WAF, NodeJS runtime Security enhancements tested with OWASP ZAP

I’ve been recently playing around with Azure Front Door, and it’s WAF Policies. Here are some notes I decided toLue lisää

julkaissut Joosua Santasalo 2 elokuun, 2020 0

AAD Azure Azure AD Application Proxy Azure Security Center Functions NodeJS

Developer experience on steroids with Azure AD App Proxy and Azure Functions Host

I’ve been using Azure AD App Proxy a lot in my time and I continue finding it useful in newLue lisää

julkaissut Joosua Santasalo 20 heinäkuun, 2020 1

Azure Azure Security Center Containers docker Functions Logic Apps NodeJS Security Center

TOP3 Picks from Azure Security Center Standard

I was recently discussing with a another Azure Aficionado about value proposition of Security Center Standard in comparison to stayingLue lisää

julkaissut Joosua Santasalo 8 kesäkuun, 2020 5

AAD AADSTS50020 App Registrations Azure AD External Identities B2B B2C B2X

Azure AD B2X is here ! (yes B2X, not B2C or B2B) – Debugging and insights

Now that we are past the click-bait title (B2X), lets dig into Azure AD External Identities which was unveiled atLue lisää

julkaissut Joosua Santasalo 14 toukokuun, 2020 0

AAD App Registrations custom claims grant-type:jwt-bearer Group Claims NodeJS OAuth2 SAML saml1_1-bearer

Deep Diver – Azure AD Groups/Roles claims for developers and IT pro’s with code examples

Background Many enterprise applications rely on group /role information to be passed on assertions for authorization, and further role decisions.Lue lisää

julkaissut Joosua Santasalo 3 helmikuun, 2019 2

AAD Azure AD Device Login AzureAD Conditional Access Exchange HMA Hybrid Hybrid Modern Authentication MFA OAuth2 Office 365 Password Sync Productivity SAML

Lab: Zero Trust Exchange 2016 with AAD oAuth2 and SAML (KEMP)

Welcome to the lab post regarding implementing ”Zero Trust”, or identity perimeter-ish controls for your’re hybrid environment: this part isLue lisää

julkaissut Joosua Santasalo 25 toukokuun, 2018 0

Uncategorized

Don’t try this at home (or how to enable Core Server Remote Management for AD FS GUI)

I’ve been running AD FS on Core servers for some time now, mostly because I like the smaller footprint and centralizedLue lisää

julkaissut Joosua Santasalo 17 toukokuun, 2022 0

Uncategorized

Highly experimental – Bypassing trusted Device requirements for Azure CLI in restricted environments where API’s are only available for browser sessions

Some environments require trusted device to access API’s on mobile and desktop clients (which AZ CLI is categorized as) –Lue lisää

julkaissut Joosua Santasalo 12 toukokuun, 2022 0

Uncategorized

Bypassing sign-in frequency requirements for Conditional Access on 3rd party clients

Based on recent testing SIF (sign-in-frequency) enforcement can be bypassed when refresh token is available for exchange¹ on third party²Lue lisää

julkaissut Joosua Santasalo 5 toukokuun, 2022 0

Uncategorized

Azure AD Cross-tenant attacks via multi-tenant implants (servicePrincipals)

I decided to do short write-up since I’ve been getting lot of questions about this attack type originally discovered byLue lisää

julkaissut Joosua Santasalo 27 huhtikuun, 2022 0

Uncategorized

Azure Monitor – Malicious KQL Query

Malicious KQL Query: Malicious KQL query is injection technique, where attacker with targetable workspace resourceID can inject listener of accessLue lisää

julkaissut Joosua Santasalo 22 huhtikuun, 2022 0

Uncategorized

Collection AAD authentication related tools

https://github.com/jsa2/aad_device_code https://github.com/jsa2/aadcookiespoof

Viimeisimmät artikkelit