Azure Sentinel is a cloud SIEM and SOAR. It is therefore used for the supervision of a customer environment, from which it...
Azure Sentinel is a cloud SIEM and SOAR. It is therefore used for the supervision of a customer environment, from which it collects logs, which it then evaluates. Different types of identities generally have different sensitivities in relation to the risk of abuse. The most sensitive identities, such as admin accounts or emergency [...]Lukas Beran
This article is primarily targeted at Czech state institutions and is based on recommendations of the Czech authority. However, the guidance and recommendations provided below can be applied to any organization. The National Cyber and Information Security Agency published a warning against cyber threats targeting Czech state institutions [...]Lukas Beran
In addition to discovery, Microsoft Cloud App Security can actively interfere with communication. Through the integration of Microsoft Cloud App Security (MCAS) and Microsoft Defender Advanced Threat Protection, it is possible to block access to certain URLs or IP addresses. The list of blocked addresses can be defined directly in [...]Lukas Beran
Multi-factor authentication (MFA) is a method to dramatically increase the security of a user identity. For multi-factor authentication, at least two independent authentication methods of the following three are required for successful user authentication: Something I know (typically username and password) Something I have (eg mobile [...]Lukas Beran
Self-Service Password Reset (SSPR) is an Azure AD feature that allows end users to self-reset their password if they forget it. This feature must be enabled by the administrator in Azure AD and the user must register authentication information – phone number, alternate email, mobile app. During a password reset, the user must of [...]Lukas Beran