🎉1 Million Views in my Blog 🎉 When I started writing my blog, it was more of a personal notebook for what I considered important. The amount of information in the field has been exhausting for many…| Sam's Corner
As we approach the fourth anniversary of the Entra ID Attack and Defense Playbook in October 2024, it’s a perfect time to reflect on its evolution and the collective effort that has made it a valuable resource (based on the feedback) for security professionals. The playbook began as a vision to consolidate common attack scenarios […]| Sam's Corner
In a typical enterprise environment, numerous solutions and tools protect the digital landscape. Different tools check emails for phishing attempts, secure infrastructure, and the cloud, and provid…| Sam's Corner
Last spring, I teamed up with the amazing Raghavendra Boddu on a book project that consumed our days and nights for nine months, starting in July 2023 and ending in March 2024. During that time we …| Sam's Corner
Last week, I wrote the first part of the XSPM blog series: Microsoft Security Exposure Management (XSPM) Overview. Now, it’s time to continue the story, delve deep into the XSPM solution, and…| Sam's Corner
Staying ahead of potential threats is a top priority for organizations worldwide in the ever-evolving cybersecurity landscape. Modern and effective cybersecurity defenses are built on several essen…| Sam's Corner
Azure storage services offer a variety of options for storing and managing data in the cloud. However, storing data in the cloud also comes with some security risks and challenges that organizations should be aware of. Common questions around Azure Storage Accounts are: In this blog post, I will demonstrate how to monitor Azure Storage […]| Sam's Corner
At the end of September 2023, Microsoft Entra ID Protection received a new pretty cool feature that brings hybrid users to the same level of protection and auto-remediation as cloud users. The ability to remediate risk in Microsoft Entra ID Protection (former Azure AD Identity Protection) has been there for years already but in a […]| Sam's Corner
What’s the definition of an identity-based supply chain attack? An identity-based supply chain attack is a cyberattack that targets a trusted third-party vendor who provides critical supply chain services or software. In recent years, there has been a significant increase in security vulnerabilities related to cloud identities within the context of supply chain attacks. Suppose […]| Sam's Corner
In the ever-evolving landscape of cybersecurity, businesses face mounting challenges in protecting their critical assets from sophisticated threats. Managed Security Service Providers (MSSPs) have emerged as crucial partners, offering expertise and cutting-edge solutions to fortify defenses. In the MSSP (or MSP – Managed Service Provider) scenario, Azure Lighthouse plays a crucial role in providing MSSPs […]| Sam's Corner