In any identity infrastructure attack, attackers are going after the "privileges". The more privileged account they own, the more damage they can do. There can be privileged accounts in a system that only used once a month to do a privileged task. In any IT system, we used to believe administrators are trustworthy people. Therefore, most of the time we do not really worry about what they…
In on-premises Active Directory environments, we use “trusts” to establish identity infrastructure collaboration between businesses. In that way, partner organization can use their own user accounts to authenticate in to trusted organization resources. When it comes to cloud/hybrid identity, Azure AD B2B allow organizations to establish cross-organization identity connections. Unlike…
Just-in-Time Administrations protects high-privileged accounts been compromised. Administrators will have their privileges when they “required”. It minimizes the lateral movements of identity attack. Azure AD PIM allows to create time-based temporally admin accounts. In this demo I am going to demonstrate how to create time-based admin accounts in azure using PIM. If you are new to…
Devices runs with Windows 10 and Windows Server 2016 can directly connect to Azure AD. I have used it on my last few posts and explain different features available for Domain Joined Devices. However not every device in an infrastructure runs with Windows 10 or Windows Server 2016. If it is cloud only environment, you can simply connect your VMs in Azure to Azure AD without issue. but if it is…
