Lukas BeranAzure Sentinel is a cloud SIEM and SOAR. It is therefore used for the supervision of a customer environment, from which it...
Welcome to my blog! If you're looking for tutorials, hints or tips for IT, you're right here. You will find mostly articles on Microsoft products and technologies - operating systems, servers, virtualization, networks, management, but also the cloud. Sometimes I add some other interesting things.
Monitoring of sensitive Azure AD accounts with Azure Sentinel
Azure Sentinel is a cloud SIEM and SOAR. It is therefore used for the supervision of a customer environment, from which it collects logs, which it then evaluates. Different types of identities generally have different sensitivities in relation to the risk of abuse. The most sensitive identities, such as admin accounts or emergency [...]
Lukas Beran Protection of institutions against cyber attacks as recommended by NÚKIB
This article is primarily targeted at Czech state institutions and is based on recommendations of the Czech authority. However, the guidance and recommendations provided below can be applied to any organization. The National Cyber and Information Security Agency published a warning against cyber threats targeting Czech state institutions [...]
Lukas Beran Block web applications in Microsoft Cloud App Security
In addition to discovery, Microsoft Cloud App Security can actively interfere with communication. Through the integration of Microsoft Cloud App Security (MCAS) and Microsoft Defender Advanced Threat Protection, it is possible to block access to certain URLs or IP addresses. The list of blocked addresses can be defined directly in [...]
Lukas Beran Azure MFA and authentication options
Multi-factor authentication (MFA) is a method to dramatically increase the security of a user identity. For multi-factor authentication, at least two independent authentication methods of the following three are required for successful user authentication: Something I know (typically username and password) Something I have (eg mobile [...]
Lukas Beran Integrate Self-Service Password Reset into the Windows 10 login screen
Self-Service Password Reset (SSPR) is an Azure AD feature that allows end users to self-reset their password if they forget it. This feature must be enabled by the administrator in Azure AD and the user must register authentication information – phone number, alternate email, mobile app. During a password reset, the user must of [...]
Lukas Beran