Every organization strives to reduce the attack surface of their infrastructure to make it secure and reliable.
As team members of the Microsoft Global Compromise Recovery Security Practice (CRSP), we’ve seen time and time again that by improving the security posture to make compromise more difficult than average, low-skill attackers usually give up quickly and move to the next target.
While talking about identities, Azure Active Directory (Azure AD), part of the Microsoft Entra product family, is a critical identity system leveraged by most of the organizations and it serves a single point for authentication and authorization of users against applications, resources and much more. It’s at the heart of an organization's zero trust strategy.
In this blog we discuss some Quick Wins to reduce the attack surface of Azure AD. From a technician's standpoint, these tasks are immediate and require minimal testing to get them rolled out in production.