[blog]

The authority on identity and security in Microsoft

Does securing your business keep you up at night? Sleep better staying in the know – read our experts’ unique takes on trends in cybersecurity.

Application Access Control Restrictions via Claims in Azure AD B2C

Adam Zucker
| May 11, 2022

In this post learn how to implement claims-based application access control when Azure AD B2C is federated with another identity provider. [...]

How to Federate a SAML Application with Azure AD B2C

Adam Zucker
| March 31, 2022

In this blog, I’ll show you how to configure a service provider-initiated SAML application to integrate with Azure AD B2C. [...]

Remediating LDAP Client Security

Ravenswood Contributor
| March 24, 2022

Remediating LDAP security issues is important because the default configurations on domain controllers (DCs) and clients are open to various attacks. Learn how to remediate those issues. [...]

Monitoring for LDAP Client Security

Ravenswood Contributor
| March 16, 2022

Applications that use Lightweight Directory Access Protocol (LDAP) are prevalent in virtually every organization that uses Active Directory (AD). Unfortunately, the default AD configuration provides opportunities for insecure LDAP connections. [...]

Introduction to Azure AD B2C Custom Policies

Andy Schneider
| March 9, 2022

Azure AD B2C offers authentication as a service. Knowing the trade-offs between out-of-the-box user flows and custom policies can be a huge advantage. [...]

A Farewell to Viral Tenants

David Conners
| January 12, 2022

Microsoft announced that after October 31, 2021, viral Azure Active Directory tenants would no longer be created for B2B collaboration. [...]

Identifying Inactive Users in a Remote Hybrid World

David Conners
| November 4, 2021

Inactive accounts that aren’t disabled in a timely manner threaten your AD environment. Cleanup of these accounts is crucial to keeping an organization secure. [...]

Enhancing Your Zero-Trust Security Strategy with Conditional Access Authentication Context

Brian Desmond
| October 19, 2021

Deciding who can access data is a key part of zero-trust. With Azure AD authentication contexts and other tools, you can do exactly this. [...]

Fun with ADSI: Shortcuts for Binding to Active Directory Objects

David Conners
| October 6, 2021

Shortcuts for when you’re building scripts to work with AD or working on servers with limited access to tools. [...]

Password Spray Attack Defense with Entra ID

Brian Desmond
| September 23, 2021

Until passwordless authentication is a more viable option, we must take steps to defend against password spray attacks. Azure Active Directory can help. [...]

Entra ID Connect Installation with Granular Permissions

Ravenswood Contributor
| September 16, 2021

Azure Active Directory Connect (AADC) installation creates a set of permissions that in most cases does not follow the concept of least privilege. [...]

AD Roles: Enterprise Admins and Schema Admins

Andy Schneider
| September 7, 2021

The first domain in an AD forest is unique. There are two groups in this domain that we must be aware of: Enterprise Admins and Schema Admins. [...]