Script: Sentinel Data Lake Table Management
Microsoft Sentinel’s data lake story is quietly powerful: you get fast, 90-day Analytics (Shortterm) for hunting and detections, plus scalable, …
MVPBuzz
How to Block Upload to WeTransfer, DropBox & Google Drive (but Allowing Download) – using Microsoft Purview Data Loss Prevention (DLP)
This blog was created in response to recent policy changes related to the WeTransfer cloud storage service. These changes raised …
How to authenticate with Windows Hello for Business or FIDO security key in RDP session ?
This little guide will show how you can authenticate with Windows Hello for Business and FIDO2 security key in a …
Windows Service Monitoring at Scale using Cloud Native Azure Components
Recently, I was challenged to build a scalable, cloud native solution that should be used for monitoring of critical Windows …
Troubleshooting & Monitoring of Log Ingestion with Data Collection Rules
As I have outlined in the series of blogs, Azure Logging is based on Data Collection Rules (DCRs) and Azure …
Optimize Costs using Auxiliary Logs for Verbose Logging
Today, we use logging for many purposes including security hunting with SIEM (Sentinel), troubleshooting, performance telemetry, compliance reporting – but …
Entra Private Access/GSA – Automatic Network Detection
This blog covers a custom script solution for Intune, that can be used to automatically detect, if the Entra Private …
MFA issues for Invited guest – Cause: Cross-Tenant Access due to Partner Relationship
This blog is about an issue, I experienced when I was invited as Guest to a tenant, where cross-tenant access …
Security Copilot Scalable Capacity Management for non-24×7 SOC scenario
Background Some of my customers are not having 24×7 SOC but still wants to utilize Microsoft Security Copilot during their …
[issue] Connect-AzAccount : Method not found: System.Threading.Tasks.Task
Error Connect-AzAccount : Method not found: ‘System.Threading.Tasks.Task`1 Azure.Identity.InteractiveBrowserCredential.AuthenticateAsync(Azure.Core.TokenRequestContext, System.Threading.CancellationToken)’.Could not find tenant id for provided tenant domain ‘xxxxxx’. Please ensure …