Requiring MFA for the Microsoft Admin Portal Apps
In this blog, Paul Robichaux reviews how to add additional protection to Microsoft Admin Portal Apps through MFA.
November 2, 2023
Latest Articles
Practical Protection: Banning Bad Passwords
In this installment of Practical Protection, Paul Robichaux Talks about Password Banning in your Entra ID Tenant and why everyone should implement this extra layer of protection.
October 26, 2023
Practical Protection: Practical Guidance from the Microsoft Digital Defense Report
It's that time of the year again! Microsoft is releasing their annual Microsoft Digital Defense Report (MDDR), and you may want to give it a read. In this blog, we talk about the highlights from the MDDR and offer some advice to better protect your organization.
October 12, 2023
Not Today, Satan: Securing Your Network by Blocking Ad-Borne Malware
Apart from being annoying, advertisements can actually be used to deliver malware. This blog explains what "Malvertising" is and how to secure your network from these attacks.
October 6, 2023
Practical Protection: Appreciating Tokens
In order to protect your Azure and Microsoft 365 services, you need to know what tokens are, where they come from, how they can be used, and how to protect them. This column by Paul Robichaux will hopefully get you pointed in the right direction.
September 26, 2023
Practical Protection: Is Realistic Security Testing a Good Idea?
Sometimes simulation testing is the best way to see how your org would react to threats, but at what cost? Check out this article, and see what testing would best fit your org.
September 8, 2023
Storm-0558: Understanding How Microsoft Failed to Protect Itself
Storm-0558 is a China-originated attack against sensitive Exchange Online mailboxes. The attack exposed several flaws in Microsoft's processing of data. Microsoft says that the holes are now closed, but it's still a good idea to check that your tenant is not being attacked in the same way.
September 7, 2023
Practical Protection: For Whom the Bell Tolls
What would happen to your organization if your top Admin disappeared? Well, it could be catastrophic... In this blog, Paul Robichaux discusses BRT attacks and how to prepare for them.
August 24, 2023
AD-Based Attacks in 2023 – What We’ve Learned So Far
In this blog, Paul Robichaux covers a recent TEC Talk where he discusses AD-Based Attacks in 2023 and what we've learned so far.
August 22, 2023
Practical Protection: Five Years is Too Long
Five years is way too long to leave a vulnerability unpatched. Unfortunately, forgetting to patch isn't uncommon and hackers love when you do... This blog discusses how to stay on top of patching and stop easily avoidable breaches.
August 11, 2023
Practical Protection: Who Watches the Watchers?
Are you on watch for data breaches? This Blog talks about how soft skills, trainings, and investments can be used as tools to minimize the harm from data breaches.
July 28, 2023
Practical Protection: Five Things To Know About Microsoft 365 Auditing
Most of us don’t spend much time poking around in the unified audit log, but all of us probably should. In this article, we dive into 5 things you need to know about Microsoft 365 auditing.
July 12, 2023