Cloud Business & Technology -

M365 Log-Size Calculation for Sentinel

29. May 202428. May 2024 by Yannic Graber

Microsoft Sentinel is ideal for extending the functions of Microsoft Defender XDR and other Defender products. I have already explained this in more detail in the blog entry https://www.graber.cloud/microsoft-sentinel-for-microsoft-365-a-must-have/. But what does Microsoft Sentinel for Microsoft 365 actually cost? There is no clear answer to this question, which is due to the difficulty of calculating the M365 log size for Microsoft Sentinel. This blog deals with precisely this question. It is intended to serve as a guide for cost estimation and shed some light on the darkness of log size and Sentinel costs. M365 Log-Size Calculation for Sentinel - a guide to cost estimation.

Microsoft Sentinel for Microsoft 365 – a must have!

12. December 2023 by Yannic Graber

Microsoft Sentinel is a cloud-native SIEM and SOAR solution. Microsoft 365 offers integrated security functions for Azure Active Directory (Entra), Microsoft Defender for Office 365, Microsoft Defender for Endpoint and Microsoft Cloud App Security. However, these features do not cover all possible attack vectors and vulnerabilities that hackers could exploit. In this blog post, I explore how Microsoft Sentinel extends the capabilities of Microsoft Defender XDR (and other Defender products).

AADSTS50131: Device is not in required device state

17. August 2023 by Yannic Graber

Banner for blogpost on how to resolve aadsts50131 error

The error "AADSTS50131: Device is not in required device state" is not encountered every day. But when it does occur, many are often at a loss. Not least because this error and its cause is hardly documented or difficult to find. You can find out how to fix the AADSTS50131 error here.

Defender for Servers without Azure Arc

12. June 2023 by Yannic Graber

Header for Blogpost "Defender for Cloud without Azure Arc

If you want to protect your servers from cyber threats, you may be relying on Defender for Servers from Microsoft, a leader in the Gartner Magic Quadrant. Microsoft has now announced the direct onboarding of Defender for Servers without Azure Arc and is now officially available. Direct onboarding is a new feature that allows you to add the servers you want to protect to Defender for Servers without needing Azure Arc for Servers. In this blog post, I'll explain what this means, the benefits of this option, and who can benefit from it. I will also compare the new option with Azure Arc for Servers.

Protecting AAD identities with the right MFA method

17. April 202316. April 2023 by Yannic Graber

It's no secret: cyberattacks are becoming more frequent and more sophisticated. But even the simplest techniques often lead the attackers to success. After all, the weakest link in the defense against cyber attacks is the human being. In this post, I show how you can protect Azure Active Directory (AAD) identities with the right MFA method without neglecting the human factor. Not only is the security aspect important to consider, but also user acceptance.

Number Matching MFA Rollout

25. January 2023 by Yannic Graber

Azure multi-factor authentication (MFA) is undergoing a major change with the global rollout of the "Number Matching" feature for all Azure tenants. The now announced and dated rollout is the next step in Microsoft's push toward "passwordless" authentication.

Azure AD Connect Cloud Sync Announcement

4. January 2023 by Yannic Graber

Azure AD Connect (AADC) is an identity synchronization tool from Microsoft, responsible for synchronizing identity data from the local directory service to Azure Active Directory (AAD). Microsoft is announcing that the Azure AD Connect identity synchronization tool is giving way to a successor and will likely be retired in the future. Microsoft's announcement states that the successor, Azure AD Connect Cloud Sync, will take over completely.

Azure Files and Kerberos Support - A Cloud Story

5. October 2022 by Yannic Graber

Back in 2021, Kerberos support for Azure AD was available as a preview. A lot has happened since then and the three-headed hellhound continues to make its way and shake up the cloud. This article is a collection of information on what Azure AD with Kerberos and Azure Files already provides and where the journey will go. This is because support for Azure Files with Kerberos has also recently been publicly communicated, although at the time of writing this article it is still in preview.

Azure Application Gateway WAF Rules Evaluation

20. July 2022 by Yannic Graber

In this short article I will give an example of how the evaluation of the "WAF Custom Rules" and "Managed Rules" of the "Azure Application Gateway" works.

Application Gateway WAF v2 Custom Rules

20. July 202219. July 2022 by Yannic Graber

The Application Gateway WAF v2 has brought some new features compared to v1, including the ability to create "WAF Custom Rules". In this short article I would like to discuss these "Custom Rules" and show how you can successfully create them. I have added some hints to the article that are difficult or impossible to find in the Microsoft documentation.