Monitoring Service principal sign-ins with AzureAD and Azure Sentinel

Here is a conversation between Jeffrey (Developer) and Marc (IT Admin) working for ECorp Ltd. Looks familiar? Take a look in your Azure Active directory, how many applications do you have there? In an ideal world you maintain an inventory of all these applications somewhere in your asset management database so that you know who is the owner of the Application and what it is used for and what API permissions are granted. As for Read More …

Windows 7 Hybrid Join and MFA ramblings

Today I ran into an issue where Windows 7 would not hybrid join as expected. Before going into the details, for those who might not be aware like Windows 10 and Server 2016, you can also hybrid join down-level devices. The functionality is of course not built into Windows so you need to install the “Microsoft Workplace Join for non-Windows 10 computers” software. One reason why you want to hybrid join Windows 7 devices is Read More …