Halloween is over but the the world is still a scary place. In a continuation of a thought from an article I wrote a few weeks back for Auditing AzureSQL Firewall Policies, I thought I would also include a short function for auditing azure storage accounts that are currently configured for “public” access. Why are […]
I periodically review Azure PaaS resource edge security. As a part of that process I examine and cleanup AzureSQL firewall rules. Once you have more than a handful of subscriptions and AzureSQL databases, doing this manually starts becoming unfeasible. To that end, Azure Powershell is your friend… As is typical, you need to install the […]
Modern Authentication Issues with Office 365 – FIXED – Don’t Just Disable Azure Active Directory Authentication Library (ADAL) – Instead… Fix It With This!
A colleague of mine recently solved one of the biggest pain points I have dealt with regarding Office365 – that is, Microsoft’s seemingly hit-or-miss modern authentication. Symptoms look like this: 1. Outlook client can’t connect and/or authenticate for end-users 2. Turning on Azure MFA for an end-user ruins their life (and yours) because all office […]
FIRST – I am stealing code here and re-sharing (with very little modification). All credit goes the fine gentleman that wrote these two articles, I would urge you to read them: Bulk Add IP Access Restrictions to Azure App Service Using AZ Powershell Bulk Add Cloudflares IPs to Azure App Service Access Restrictions Using AZ […]
Currently I am looking into a couple of different cloud platforms for new infrastructure projects. Microsoft Azure is creeping up rather highly on the list. A few years ago the concepts of “security” and “cloud hosting” were diametrically opposed in many people’s minds. Security is an ironic field of IT in that technology, vulnerabilities and […]