𝐇𝐎𝐖 𝐂𝐎𝐍𝐅𝐈𝐆𝐔𝐑𝐄 𝐆𝐑𝐀𝐃𝐔𝐀𝐋 𝐑𝐎𝐋𝐋𝐎𝐔𝐓 𝐏𝐑𝐎𝐂𝐄𝐒𝐒 𝐅𝐎𝐑 𝐌𝐈𝐂𝐑𝐎𝐒𝐎𝐅𝐓 𝐃𝐄𝐅𝐄𝐍𝐃𝐄𝐑 𝐅𝐎𝐑 𝐄𝐍𝐃𝐏𝐎𝐈𝐍𝐓

Microsoft Defender for Endpoint supports gradual rollout of all update types – Security Intelligence Updates, Engine Updates, and also Platform Updates.

Watch my YouTube video on how to configure gradual rollout process for the updates
https://youtu.be/DJ6k7BucK7Q

𝐒𝐌𝐀𝐑𝐓 𝐋𝐎𝐂𝐊𝐎𝐔𝐓𝐒 𝐈𝐍 𝐌𝐈𝐂𝐑𝐎𝐒𝐎𝐅𝐓 𝐄𝐍𝐓𝐑𝐀 𝐈𝐃

Smart Lockouts in Microsoft Entra ID help protect Microsoft Entra ID accounts from password attacks. And smart lockouts are also called smart lockouts because they are smart in the meaning of that they should not negatively impact regular users.

Do you want to learn more about Smart Lockouts in Microsoft Entra ID? Watch my YouTube video bellow
https://youtu.be/7V7BJcqb5CM

𝐏𝐚𝐬𝐬𝐤𝐞𝐲𝐬 𝐢𝐧 𝐌𝐢𝐜𝐫𝐨𝐬𝐨𝐟𝐭 𝐀𝐮𝐭𝐡𝐞𝐧𝐭𝐢𝐜𝐚𝐭𝐨𝐫 𝐚𝐫𝐞 𝐧𝐨𝐰 𝐠𝐞𝐧𝐞𝐫𝐚𝐥𝐥𝐲 𝐚𝐯𝐚𝐢𝐥𝐚𝐛𝐥𝐞!

What does it mean? Users can now enroll passkeys in Microsoft Authenticator for their Microsoft Entra ID accounts in the default authentication methods setting. No need for key restrictions anymore!

𝐃𝐈𝐅𝐅𝐄𝐑𝐄𝐍𝐂𝐄 𝐁𝐄𝐓𝐖𝐄𝐄𝐍 𝐌𝐅𝐀 𝐀𝐍𝐃 𝐏𝐇𝐈𝐒𝐇𝐈𝐍𝐆-𝐑𝐄𝐒𝐈𝐒𝐓𝐀𝐍𝐓 𝐌𝐅𝐀

Phishing is a very popular technique of attackers. They trick the user into entering their credentials on some fraudulent site pretending to be a corporate login page, for example to log into Microsoft Entra ID. The user enters their login credentials there and sends them to the attacker.

Watch my YouTube video where I show the difference between MFA and phishing-resistant MFA
https://youtu.be/NGx6tRKtEFI

𝐇𝐎𝐖 𝐓𝐎 𝐔𝐒𝐄 𝐓𝐄𝐌𝐏𝐎𝐑𝐀𝐑𝐘 𝐀𝐂𝐂𝐄𝐒𝐒 𝐏𝐀𝐒𝐒 𝐈𝐍 𝐌𝐈𝐂𝐑𝐎𝐒𝐎𝐅𝐓 𝐄𝐍𝐓𝐑𝐀 𝐈𝐃

When an organization uses passwordless authentication, they need to figure out how to onboard users. In other words, you need to solve the chicken/egg problem. If a user has not registered any passwordless authentication method, how can they authenticate to register a passwordless authentication method?

Temporary Access Pass (TAP) solves this problem.

Watch my YouTube video bellow on how to use Temporary Access Pass in Microsoft Entra ID
https://youtu.be/AqqvMqNcXRU

𝐇𝐎𝐖 𝐓𝐎 𝐌𝐀𝐍𝐀𝐆𝐄 𝐁𝐑𝐄𝐀𝐊-𝐆𝐋𝐀𝐒𝐒 𝐀𝐂𝐂𝐎𝐔𝐍𝐓𝐒 𝐈𝐍 𝐌𝐈𝐂𝐑𝐎𝐒𝐎𝐅𝐓 𝐄𝐍𝐓𝐑𝐀 𝐈𝐃

When you start tightening the requirements for access to your corporate cloud, it can be easy to accidentally lock yourself out and cut yourself off from access to the admin interface.

Alternatively, some part of Microsoft Entra ID may fail. For example, there have been a couple of times in the past where multi-factor authentication in Microsoft Entra ID has had a failure and you couldn’t authenticate.

That is why you need break-glass accounts.

Watch my YouTube video bellow on how to manage break-glass accounts
https://youtu.be/Q2vicBapspg

𝐇𝐨𝐰 𝐭𝐨 𝐬𝐞𝐜𝐮𝐫𝐞 𝐲𝐨𝐮𝐫 𝐞𝐦𝐚𝐢𝐥 𝐰𝐢𝐭𝐡 𝐒𝐏𝐅, 𝐃𝐊𝐈𝐌 𝐚𝐧𝐝 𝐃𝐌𝐀𝐑𝐂

Email is usually a critical part of corporate communication these days. Without a functional email, companies can lose orders and therefore money for example. Therefore, email security should be a very high priority. But equally, increasing email deliverability should be very important.

In today's video, we'll look at how to increase email security from the perspective of protecting your domain. In other words, so that an outsider can't impersonate you, send emails under your domain, and thereby damage your company's reputation or credibility by, for example, sending out spam or, heaven forbid, fake invoices for payment from your domain.

We'll also look at how to increase the deliverability of your messages. That is to say, so that regular emails leaving your domain are delivered to the recipient, and don't fall into spam or get completely thrown away by the recipient's mail server.

We'll focus on three basic options for email security and deliverability that every organization should have implemented.

Watch my YouTube video bellow
https://youtu.be/xtmDDl1rjOc

Microsoft Entra ID serves as a robust identity and access management solution for modern businesses, enabling secure authentication and authorization across various devices and services. One critical aspect of Microsoft Entra ID management involves device join types, each playing a unique role in defining how devices establish trust and connectivity within the Microsoft Entra ID environment.

Watch my YouTube video bellow
https://youtu.be/RU1Sr-jNKCs

𝐇𝐎𝐖 𝐓𝐎 𝐑𝐄𝐒𝐄𝐓 𝐃𝐎𝐌𝐀𝐈𝐍 𝐀𝐃𝐌𝐈𝐍 𝐏𝐀𝐒𝐒𝐖𝐎𝐑𝐃 𝐎𝐍 𝐀𝐍 𝐀𝐙𝐔𝐑𝐄 𝐕𝐌

There are cases when you forget the local admin password of a machine. Or worse, someone changes your password, such as a threat actor in a cybersecurity incident. This happens, and I’ve been there a few times, where a threat actor started resetting all the admins’ passwords to effectively cut them off so they couldn’t stop the ongoing attack.

With Azure VMs, it is possible to reset passwords directly from the Azure portal. Either by using a PowerShell script or by directly entering a command from the Azure portal. This works for both a local admin account and also a domain admin account if the VM in question is a domain controller.

Watch my YouTube video bellow
https://youtu.be/Lmug9xI3h24

𝐇𝐎𝐖 𝐓𝐎 𝐁𝐋𝐎𝐂𝐊 𝐄𝐌𝐀𝐈𝐋𝐒 𝐅𝐑𝐎𝐌 𝐓𝐇𝐄 𝐎𝐍𝐌𝐈𝐂𝐑𝐎𝐒𝐎𝐅𝐓.𝐂𝐎𝐌 𝐃𝐎𝐌𝐀𝐈𝐍 𝐈𝐍 𝐎𝐅𝐅𝐈𝐂𝐄 365

The onmicrosoft.com domain is a tenant address. It is the initial domain with which the tenant was created. This domain is also referred to as the MOERA (Microsoft Online Email Routing Address) domain.

However, this domain is never normally used to send emails. Therefore, it is a good idea to block all emails coming from any onmicrosoft.com domain. These domains could be abused by attackers who register their own tenant for more credibility, but do not register a custom domain.

Watch my YouTube video bellow
https://youtu.be/1AQuxO0Labo

Authentication Strengths in Microsoft Entra ID allows you to granularly define authentication requirements for different situations.

Before authentication strengths were available, authentication requirements were defined globally for the entire tenant, and then conditional access policies could just say that multi-factor authentication was required, for example. But it was not possible to define what type of multifactor authentication was required. So anything that was available globally could be used by all users in all situations.

Which was not optimal. There are situations where a less secure authentication method like SMS or TOTP might be enough. But there are situations where we only want to use very secure authentication methods like FIDO2 when someone is logging into a global admin account for example.

Such granularity was not possible before. If SMS authentication was enabled for a given tenant, even the global admin could use SMS for authentication.

Watch my YouTube video bellow for more details
https://youtu.be/8sIX19pbdho

HOW TO DEPLOY MICROSOFT DEFENDER FOR ENDPOINT ON MACOS VIA MICROSOFT INTUNE

Microsoft Defender for Endpoint supports all commonly used platforms. Including Apple’s macOS.

Many macOS device owners believe they don’t need a security product. They tend to say that there are no viruses or malware on macOS. Unfortunately, this is a very naive and risky opinion. The opposite is true actually, and even macOS is targeted by threat actors. Therefore, you need a security product on macOS as well.

And it’s not just viruses or malware. But what about phishing? You receive a fraudulent link via email, some messenger or iMessage, you click on it and it leads to a phishing site. You need to protect yourself against such threats too.

Watch my YouTube video bellow
https://youtu.be/R631h3di898