In my previous blog post, I have explained how we can collect custom attribute values by using Azure AD user flows. We had custom attributes setup in Azure AD and when a guest user accesses an application for the first time, the values for these custom attributes will be collected by using user flows. Azure AD entitlement… READ MORE
As written in part 1, policies are used to maintain the state. The Azure portal itself contains a lot of OOTB policies, but you also want to create and deploy your own. In this article, we will go over how to deploy the policy definitions using GitHub Actions. In part 2, we deployed the definitions via Azure… READ MORE
As written in Part 1, policies are used to maintain the state. The Azure portal itself contains a lot of OOTB policies, but you also want to create and deploy your own. This part will go over how to deploy custom policy definitions using Azure DevOps. Script The script shared in part 1 is adjusted to read out… READ MORE
Intro In this part of the blog series, I want to focus on the GitHub Actions I created in the first part and explain what the Action performs. I will also add the vNet resources to my deployments. GitHub Actions explained To explain what is going on in the GitHub Action, I have added comments… READ MORE
Did you know you can connect Azure DevOps audit logs to Microsoft Sentinel and create detection rules and automated responses? You might have heard me speak at the Microsoft Scottish Summit (2022) about this topic and wanted to read more about it or implement this in your organisation. This blog post will walk you through… READ MORE
Selecting a partition key for your Cosmos DB is one of the most important choices you need to make for your Cosmos DB project. You really need to take your time and have a plan for your project. Where is this application will be in 1 year? 5 years? How much data are you planning… READ MORE
Changes to your Azure resources are quite common, and they are difficult to identify. Until now. Microsoft recently released (in preview) the ability to detect change events using Azure Resource Graph. Meaning you do not have to decipher the administrative events in the activity log of your resources. Much like the change tracking solution for Azure VMs.… READ MORE
What if I told you just using multi-factor authentication (MFA) wasn’t enough anymore? The Lapsus$ hacking group, who were at least partially made up of a group of teenagers in the UK, took a very targeted hacking approach. They used password stuffing to try to breach the password credentials of power users within organizations they were targeting.… READ MORE
Azure Functions can be defined as the cloud services that are available on the Azure portal providing updated infrastructure and resources that are needed for running the applications. It is used to build web APIs, respond to database changes, process IoT streams, manage message queues, and more. In this article, we will explore how to… READ MORE
Most typical reason I see that the SCM endpoint is not secured on App Services is that these apps are often updated by MS hosted Azure DevOps agent. Luckily you can increase the security of your app service greatly – If you previously did not have any network restrictions on SCM endpoint, you can now have the… READ MORE
