Azure Bastion is a PaaS service that provides seamless RDP/SSH connectivity to virtual machines via Azure portal. When we use Azure Bastion, virtual machines do not require public IP address to connect even if the VM is in a different VNET (same or different subscription). As long as Azure Bastion subnet can reach the remote network (via VNET peering, VPN), we can use the Azure Bastion service to…
This is the Part 03 of the Microsoft Defender for Identity blog series and so far in this series, we learned about,
Part 01 – MDI Overview
Part 02 – Create Directory Service Account
Similar to Part 02, in this blog post also I am going to talk about another MDI prerequisite. MDI collects information from Windows Event logs to enrich the content of findings. Domain controllers do not…
In Part 01 of Microsoft Defender for Identity blog series, I have explained about Microsoft Defender for Identity and it’s benefits. I also talked about the prerequisites. In that list, I mentioned that we required Directory Service Account(DSA) to connect to Active Directory forest.
There are two types of DSAs we can use for this task.
1) Regular Active Directory user account
2) Group Managed…
Zero-trust security is not a product or service, it is a mindset. We need to understand the importance of this approach and implement relevant controls where ever possible. Especially with the pandemic, the word “Zero-Trust” is echoing in the tech industry and it is completely making sense due to the following reasons.
1. Today IT security getting more and more complex. Security is no longer…