Tag: cybersecurity

Azure Firewall’s Explicit Proxy feature (preview)

Hello Guys,

Azure Firewall is a cloud-native network security service that protects your Azure resources and applications. It operates in a transparent proxy mode by default, which means that traffic is sent to the firewall using a user defined route (UDR) configuration. The firewall intercepts that traffic inline and passes it to the destination.

However, there is another mode that you can use for your outbound traffic: Explicit proxy. This mode allows you to configure a proxy setting on the sending application, such as a web browser, with Azure Firewall acting as the designated proxy. This way, traffic from the sending application goes to the firewall’s private IP address and egresses directly from the firewall without the need for a UDR.

Continue reading “Azure Firewall’s Explicit Proxy feature (preview)”

Azure Firewall: DNS, DNS proxy and FQDN filtering


Hello, everyone !!!

Did you know that in Azure Firewall it is possible to do custom DNS filtering, using your Azure Firewall as a DNS proxy and even create rules based on FQDN (for non-HTTP/S and non-MSSQL protocols).

Continue reading “Azure Firewall: DNS, DNS proxy and FQDN filtering”

Configuring passwordless with your Authenticator APP

HEEYYY!!!

Microsoft has previewed a new security feature that allows the use of the Microsoft Authenticator app to log in to Azure without the need for a password. This is relevant because one of the most common ways to steal passwords today is through a keylogger, which captures the password and username as the user types. However, this is just one of the problems it solves. Another important issue is to avoid password storage.

microsoft-authenticator-app Continue reading “Configuring passwordless with your Authenticator APP”

Participation in the CloudUp event 2019

Yesterday (10/11/2019) I had the great pleasure of speaking with my friend Clairo Dorneles, voluntarily at the CloudUp event – 3rd Edition. We simulated a live threat and automated response through Azure Sentinel, Microsoft’s SIEM tool. THANK YOU to everyone who participated in this great event and especially to the organizers Erik Filippini and Felipe Santos for the invitation.

Continue reading “Participation in the CloudUp event 2019”

Creating rules for conditional access in Azure Active Directory to ENFORCE MFA (Multifactor Authentication) on your Administrators.

conditional-access-signal-decision-enforcementHello!!!

Conditional access policies are if-then instructions, if a user wants to access a resource, then they must complete an action first.

According to Microsoft, commonly applied policies are:

Require multifactor authentication for users with administrative roles Require multifactor authentication for Azure management tasks Block user entries attempting to use legacy authentication protocols Require trusted locations for Azure Multifactor Authentication registration Block or allow access in specific locations Block risky sign-in behaviors Require organization-managed devices for specific applications

Very important, to use this feature you must have at least one “premium” license from your Azure Active Directory.

As a demonstration, I will enforce MFA (Multifactor Authentication) for all administrative users. Continue reading “Creating rules for conditional access in Azure Active Directory to ENFORCE MFA (Multifactor Authentication) on your Administrators.”

The 2nd AzureRS Meeting was amazing!!

After much dedication in organizing the 2nd AzureRS meeting, we had a full day on Saturday with 7 high-quality lectures. The level of discussions was great, knowledge here and there. At this same event, I presented Azure Sentinel, as well as performed a demo with my friend Clairo Dorneles, where in real-time, we simulated an attack and threat detection.

Check out the photos:

Continue reading “The 2nd AzureRS Meeting was amazing!!”