#azuread - Public Fediverse posts
Live and recent posts from across the Fediverse tagged #azuread, aggregated by home.social.
-
Entra ID Backup. What you Need to Know!
Microsoft has added built-in backup and restore to Entra ID - a big win for admins.
It creates automatic daily backups with five days of retention.
Backups cannot be disabled or deleted, even by admins.
Restores cover users, groups, apps and policies, enabling faster recovery and compliance.
- Daily backups retained for five days
- Restore users, groups, apps and policies
- Backups stored in tenant geo for compliance
Want a short guide to get started?
#EntraID #IdentityBackup #AzureAD #CloudSecurity
https://www.hubsite365.com/en-ww/pro-office-365/?id=450758d2-b934-f111-88b4-00224882d634&topic=eb4ea787-ac86-ec11-93b0-6045bd8f31a1&theater=true
-
RE: https://infosec.exchange/@merill/116188307859736132
Android Authenticator
Root Detection
🚨⚠️🚨⚠️🚨⚠️🚨⚠️
#MicrosoftAuthenticator on #Android strictly blocks usage on rooted or jailbroken devices.
Relies on Google Play Services; privacy-focused OS distributions (e.g., #GrapheneOS) lacking Play Services will be completely blocked.
THIS WON'T MAKE EVERYONE HAPPY
-
On Stage in 5min. Track 1: @powers-hell.com Track 2: Jan-Hendrik Peters Track 3: @hcritter.bsky.social Track 4: Jonny Eskew #PowerShell #automation #Azure #DevOps #Microsoft365 #AzureAD #MSAL #MicrosoftGraph #Bicep
-
https://opensource.microsoft.com/blog/2022/01/18/announcing-azure-active-directory-azure-ad-workload-identity-for-kubernetes/ - authenticate #Kubernetes #pods to #AzureAD (now #Entra). Nice intro Anish Ramasekar.
-
What are your biggest Entra (AzureAD) Conditional Access questions or pain points? I'm working on a giant Conditional Access post for the #TrustedSec blog -- would welcome your inputs!
#Microsoft #Entra #AzureAD #Azure #ConditionalAccess #conditionalaccesspolicies
-
Defender Experts' recommendations for impactful security posture management
The Microsoft Defender Experts for XDR service provides value to customers from both a proactive and reactive perspective.
While the basics of security hygiene, such as patching, inventory, security baselining, and least privilege delegations are undeniably important, once those bases are covered there are many more specific controls that receive less attention but can be critical in mitigating the frequency and impact of future incidents.
Top Configuration Recommendations:
Defender for Office 365
- Restrict user ability to release emails from quarantine
Defender for Endpoint
- Enable tamper protection
- Enable network protection in block mode
- Block untrusted and unsigned processes that run from USB
- Block JavaScript or VBScript from launching downloaded executable content
- Block executable content from email client and webmail
Entra ID
- Ensure multifactor authentication (MFA) is enabled for all users in administrative roles in Entra ID
- Require MFA for self-service password reset (SSPR)
Defender for Identity
- Set a honeytoken account
#defender #experts #xdr #edr #mde #mdi #mdo #entraid #azuread #microsoft #microsoftsecurity #azure #cloudsecurity #cloudnative #soc #cybersecurity #MXDR #triage #investigate #respond #prevent #quarantine #mfa #asr #deception
-
Exploring the new ITDR experience within Microsoft Defender
The new ITDR dashboard is designed to provide SOC professionals with a single, prioritized view of Identity-specific security information and recommendations.
For more information, see:
#itdr #defender #defenderxdr #identity #security #microsoft #microsoftsecurity #mdi #entraid #azuread #Identitythreatdetection #cloud #cloudsecurity #soc #cloudnative
-
I'd like to point out this really interesting article on the topic: ๐๐จ๐ค๐๐ง ๐๐ก๐๐๐ญ ๐๐๐ฅ๐ค.
Key points and topics covered:
- Primary Refresh Tokens (PRT) on all operating system platforms have been hardened against theft from day one. The level of protection depends on operated system capabilities, with Windows offering the strongest protection.
- First line of defense against token theft is protecting your devices by deploying endpoint protections, device management, MFA (and moving towards phishing-resistant credentials), and antimalware
You can reduce token theft by carefully orchestrating Entra ID security products:
- Addressing token theft of sign-in session artifacts: Conditional Access: Token protection policy offers cryptographic protection against replay of stolen tokens.
- Addressing token theft of app session artifacts: block usage of stolen access tokens and workload cookies outside of your corporate network by using Conditional Access.
- Detecting token theft: enable risk detections with Microsoft Entra ID Protection to elevate user risk when token theft is suspected.
#microsoft #microsoftsecurity #entraid #azuread #azure #idp #token #tokentheft #cloudsecurity #identity #prt #cookies #identityprotection #mfa #cae #conditionalaccess #refreshtoken #token
-
Smart Lockouts in Microsoft Entra ID help protect Microsoft Entra ID accounts from password attacks. Do you know how it works? Did you know that the more times you try a password, the longer the lockout is? Or that entering one password multiple times does not increase the counter? #entraid #azuread #identity #lockout #smartlockout #cybersecurity #tips https://www.cswrld.com/2023/12/smart-lockouts-in-microsoft-entra-id/
-
Microsoft Graph Activity Log is Now Available in Public Preview
With Microsoft Graph Activity Logs, you can now investigate the complete picture of activity in your tenant - from token request in SignIn logs, to API request activity (reads, writes, and deletes) in Microsoft Graph Activity Logs, to ultimate resource changes in Audit logs.
#microsoft #entra #entraid #azuread #graph #microsoftgraph #log #idp #identity #azure #API #soc #itdr #security #cybersecurity #siem #soc #monitoring #loganalytics #sentinel #hunting #cyberthreat #identity #identityprovider #microsoftsecurity
-
Implement logging and monitoring for Azure OpenAI models
Azure OpenAI offers built-in logging and monitoring capabilities.
However, it's important to note that the default cognitive service logging doesn't capture or store details such as prompts, tokens, and models used as inputs and outputs of the service.
These metrics are particularly crucial for compliance and ensuring the service functions as intended.
The following solution provides comprehensive logging and monitoring, as well as enhanced security for enterprise deployments of the Azure OpenAI Service API.
Take a look: https://learn.microsoft.com/en-us/azure/architecture/ai-ml/openai/architecture/log-monitor-azure-openai
#openai #azureopenai #monitoring #logging #sentinel #siem #log #loganalytics #azuread #API #AppGateway #azure #architecture #cybersecurity #ai #llm #aisecurity #microsoft #cloud #cloudnative
-
Reminder to anyone who has purchased a new #iPhone and uses #passwordless or the #microsoft authenticator app for #mfa for corporate #office365 or #EntraID
iPhone backups/transfers will not rehydrate the app.
Make sure you have a backup strong auth method.
#m365 #azuread #azure #aad #microsoft365 #entra #infosec #consulting
-
Get incident updates from Defender Experts for XDR in the SOC tools you use
Microsoft Defender Experts for XDR is a managed extended detection and response service that augments security operations centers (SOCs) for customers who use Microsoft 365 Defender services:
- Microsoft Defender for Endpoint
- Microsoft Defender for Office 365
- Microsoft Defender for Identity
- Microsoft Defender for Cloud Apps
- Microsoft Entra AD
Through a combination of automation and human expertise, it triages Microsoft 365 Defender incidents, prioritizes them on your behalf, filters out the noise, carries out detailed investigations, and provides actionable response to your SOC.
In this blogpost, we share how you can get incident updates from the investigation and response work Defender Experts do - right into the SOC tools you already use.
#defender #expert #defenderexpert #xdr #microsoft #soc #siem #soar #analyst #investigation #triage #managedextendeddetectionresponse #managedxdr #managedservice #mssp #mde #mdo #mdi #entraid #azuread #cloud #cloudnative #cloudsecurity
-
If you've been living under the impression that 100% of all configuration changes in Entra ID are audited or audited to a degree of value... you'd be wrong.
From a recent bit of analysis in what's in, or, what's not in, Entra ID audit logs, I've written up some findings and thoughts.
#entra #EntraID #aad #azuread #azureactivedirectory #m365 #mvpbuzz #microsoft #infosec #identitysecurity #azure
https://ericonidentity.com/2023/08/29/dude-wheres-my-audit-logs/
-
Microsoft Entra Private Access: An Identity-Centric Zero Trust Network Access Solution
Private Access in Microsoft's SSE solution offers secure, controlled access to private resources using Zero Trust principles, expanded from the existing Entra ID Application Proxy. It supports a range of protocols, authentication methods, and anomaly detection, all benefiting from Microsoft's extensive global network.
Find out more info:
Here's a summarized breakdown of the provided information:
1. Private Access in Microsoft's SSE Solution:
- Built on Zero Trust principles.
- Verifies every user and enforces least privilege.
- Grants access only to needed private applications and resources.
2. Expansion of Entra ID Application Proxy:
- Private Access extends capabilities of Entra ID Application Proxy in Microsoft Entra.
- Evolves into a comprehensive Zero Trust Network Access (ZTNA) solution.
- Shares connectors but offers expanded functionalities.
3. Access to Any Private Resource:
- Simplifies and secures access to private resources on any port and protocol.
- Policies enable secure, segmented, and granular access to corporate network apps.
- Covers on-premises, cloud-based applications, and more.
4. Granular Access Controls and Anomaly Detection:
- Conditional Access policies offer per-app, least privilege controls.
- Contextual information about users, devices, and locations enhances policies.
- Anomalies or changes trigger session termination or stronger authentication.
5. Secure Access Across Ports and Protocols:
- Private Access enables secure entry to applications, regardless of location.
- Works with various protocols, including RDP, SSH, SMB, FTP, TCP, and UDP.
6. Diverse Authentication Methods:
- Supports single sign-on (SSO) via SAML, http headers, or legacy Kerberos.
- No need for application modifications.
7. Microsoft's Global Network Advantage:
- Private Access utilizes Microsoft's vast global network for delivery.
- Enhanced security and faster access compared to traditional VPNs.
- Optimized connection for hybrid and remote work scenarios.
#microsoft #entra #sse #ZTNA #ZeroTrustNetworkAccess #ZeroTrust #sso #saml #mfa #conditionalaccess #azuread #securityserviceedge #vpn #azure #cloud #cloudsecurity
-
Configure Just-in-Time Access to M365 Defender
Entra ID (formerly Azure AD) offers the Privileged Identity Management (PIM) for Groups feature, enabling users to attain just-in-time membership and ownership of groups, thus governing access to a range of services.
M365 Defender unified RBAC workloads offers centralized permissions management for the following services:
- Defender for Endpoint
- Defender for Identity
- Defender for Cloud Apps
- Defender for Office 365
- Microsoft Defender Vulnerability Management
- Secure score
PIM for Groups paired with M365 Defender RBAC offers a solution for just-in-time Defender access.
Find out more details: https://techcommunity.microsoft.com/t5/security-compliance-and-identity/configure-just-in-time-access-to-m365-defender/ba-p/3764564
#azure #azuread #entraid #identity #rbac #m365defender #xdr #justintime #pim #pam #mde #mdo #mdi #securescore #mdca #casb #microsoft #microsoftsecurity #soc #cloud #cloudsecurity #cloudnative
-
If you're in the #NYC area come see me and a bunch of other fabulous folks speak on #identity #security at HIP Global 2023.
It's a free two-day conference at the Microsoft Times Square office.
I'll be digging into #phishing resistant authentication with #EntraID
#hipconf #azuread #m365 #infosec #microsoft #azure #aad #conference #cybersecurity #activedirectory #fido2 #Passkeys
-
Finally took some time to read the Wiz article regarding Storm-0558 in depth, and working on a blog post that dissects it all.
While we all make mistakes, considering that Wiz knows they are a golden child, they really should do better.
It's hard to not speculate that they spent zero time trying to understand how OpenID Connect and OAuth 2.0 function before authoring the article, based on how poorly written it is from an identity terminology perspective.
#wiz #microsoft #entraid #Storm0558 #aad #entra #azuread #infosec
-
How often do you audit and review if you have CA policy gaps in your organization to meet best practices?
See best practices and report here:
https://learn.microsoft.com/en-us/azure/active-directory/reports-monitoring/workbook-conditional-access-gap-analyzer
#microsoft #security #entra #entraid #azuread #o365 #office365 #conditionalaccess #cloudsecurity #identity
-
https://buff.ly/3n0GNCT 5 Great Reasons to Use Azure Conditional Access for Azure Active Directory by @mrdenny was recently published to show people what the benefits of Azure Conditional Access are. #AzureAD #conditionalAccess
-
Announcing General Availability of Authenticator Lite (in Outlook)
"Authenticator Lite (in Outlook) expands the opportunity to convert users by bringing the enhanced security of push notifications to devices that have not yet downloaded the Microsoft Authenticator App."
#microsoft #security #mfa #entra #azuread #azureactivedirectory #authenticatorapp #outlook #phone #azure #microsoftsecurity #identity #idp #authentication #cloud #cloudnative #ios #android #mobile
-
Microsoft has announced that API keys will be retired for querying application insights. Users will need to transition to Azure AD authentication, which provides additional features such as multi-factor authentication and hybrid integration for password protection policies. The deadline for transitioning to... https://azure.microsoft.com/en-us/updates/transition-to-azure-ad-to-query-data-from-azure-monitor-application-insights-by-31-march-2026/ #AzureAD #APIkeys #applicationinsights #softcorpremium
-
The article "How to Find Azure AD Users Using PowerShell" from Tony Redmond explains how to use PowerShell commands to search and filter users in Azure Active Directory (AD). Various filtering options are presented to search for users efficiently. The use of variables and loops is also explained to execute multiple commands in a script. Finally, the article describes how to export the user data found.
Read the full article: https://bit.ly/42wqKfc
-
Find out new Microsoft Entra Features:
Identity security / protecting Identities
  • Azure AD Recommendations
  • More information on why a sign-in was flagged "unfamiliar"
Identity modernization
  • Converged Authentication Methods
  • Granular device management using custom roles
  • Azure AD Single-Sign-On enhancements
  • Attribute Name format for SAML claims
  • Apply RegEx Replace to the group claim content
  • Multiple instances of the same application (IDP- and SP-initiated)
  • Persistent NameID for IDP-initiated apps
  • AD FS migration advisor in Microsoft 365 admin center
Identity Governance
  • New SCIM connector for ServiceNow
  • Provisioning insights workbook
  • Expanding Privileged Identity Management (PIM) role activation across the Azure portal
Identity for multicloud
  • Workload Identity Federation for Managed Identities
Passwordless
  • Multiple Passwordless Phone Sign-in for iOS devices
#microsoft #azure #security #entra #azuread #azureactivedirectory #aad #epm #identity #pim #multicloud #passwordless #ios #saml #servicenow #sso #singlesignon #cloudidentity #governance #identitygovernance #iam #iag #microsoft365 #microsoft365defender
-
App Governance add-on will be included in Defender for Cloud Apps at no additional cost!
App Governance is a security and policy management capability designed for OAuth-enabled apps registered in Azure Active Directory (Azure AD), Google Workspace and Salesforce.
It delivers full visibility, remediation, and governance into how these apps and their users access, use, and share sensitive data stored in Microsoft 365 through actionable insights and automated policy alerts.
It also proactively helps organizations maintain their app hygiene by providing a view into OAuth apps that are unused, expiring or have unused credentials and ways to remediate these potential vulnerabilities.
#microsoft #azure #security #data #management #cloud #google #salesforce #casb #SSPM #SecurityPostureManagement #xdr #cloudsecurity #soc #cloudsecurity #azuread #OAuth #OAuthabuse #phishing #consent #e5 #appgovernance
-
Microsoft has now released Windows LAPS for Azure AD into public preview!
-
Practical Protection: Azure AD Apps and Tenancy
• The "Tenant"
• What "Tenancy" Means: Theory
• What "Tenancy" Means: Practice
• What Apps Do You Have?
• But Seriously
https://bit.ly/3KuHTyv
#Microsoft365 #AzureAD #Tenancy #Practical365
-
#Token #revocation and #expiration in #AzureAD is important in terms of responding to #security #incidents affecting Azure AD. How and when do tokens expire or what are the revocation options?
#Access tokens typically have an expiration time of 60 minutes. And there is no way to manually invalidate an access token except by manually deleting the token in the cache on the device.
#Refresh tokens typically have a default expiration of 90 days. However, refresh tokens can be invalidated by an admin from the Azure portal or using PowerShell or the Graph API.
A Primary Refresh Token (#PRT) is invalidated when the Azure AD account is disabled or deleted, the user password is changed or reset, or the device where the PRT was issued is disabled or deleted.
-
Complete guidance on how to get off of that ADFS narcotic.
"Active Directory Federation Services (AD FS) decommission guide" | Microsoft Learn
https://learn.microsoft.com/en-us/windows-server/identity/ad-fs/decommission/adfs-decommission-guide
#adfs #AzureAD #identity #msftadvocate