User Profile
eliekarkafy
MVP
Joined 3 years ago
User Widgets
Recent Discussions
What's new and What's learning period in Microsoft Defender for Identity.
In this blog post, I will explain an advanced settings capability available in the Microsoft Defender for Identity, which will help the security admins in evaluating the product and tweaking the sensitivity level of the alerts. What'sLearning Periodin MDI? What are thelatest enhancementsadded to that feature? https://www.linkedin.com/pulse/whats-new-learning-period-microsoft-defender-identity-elie-karkafyProtect your identities from a Token theft using Token Protection in Conditional Access
In this blog post, I will show you the steps required to enable the Token Protection feature using Conditional Access in Entra ID. Along with a brief simulation of the Token Theft and how Token protection will prevent the attacker from stealing the token. https://www.linkedin.com/pulse/protect-your-identities-from-token-theft-using-access-elie-karkafyAzure Active Directory | Workbooks | Sign-In Analysis (Preview: AAD & AD FS)
This workbook will help you analyze your organization's sign-ins for both Azure AD and AD FS Sign-Ins This workbook will show you the General Analysis and Error Analysis. General Analysis: :pushpin: Sign-in Activity Summary :pushpin: Sign-in Analysis by Location :pushpin: Sign-in Analysis by Device Error Analysis: :pushpin: Sign-in Activity Summary :pushpin: Top Sign-In Errors by User or IPAzure AD | Workload License
A new basic information on Azure Active Directory that shows the license type used for your Azure AD Workload identities. What is Workload identities? A workload identity is an identity used by a software workload (such as an application, service, script, or container) to authenticate and access other services and resources. In Azure AD, workload identities are applications, service principals, and managed identities. With Premium plan for workload identities, you can: :pushpin: Create Conditional Access Policies to target the workload access :pushpin: Monitor the workload identities using the lifecycle management :pushpin: Detect and remediate compromised workload identities using the identity protection. Microsoft Entra Workload Identities license plans FAQ - Microsoft Entra | Microsoft LearnAzure AD | Roles and administrators | Protected actions (Preview)
Add an additional layer of protection when a user attempts to perform a protected action, they must first satisfy the Conditional Access policies assigned to the required permissions. For example, to allow administrators to update Conditional Access policies, you can require that they first satisfy thePhishing-resistant MFApolicy.
