Microsoft has previewed a new security feature that allows the use of the Microsoft Authenticator app to log in to Azure without the need for a password. This is relevant because one of the most common ways to steal passwords today is through a keylogger, which captures the password and username as the user types. However, this is just one of the problems it solves. Another important issue is to avoid password storage.
Yesterday (10/11/2019) I had the great pleasure of speaking with my friend Clairo Dorneles, voluntarily at the CloudUp event – 3rd Edition. We simulated a live threat and automated response through Azure Sentinel, Microsoft’s SIEM tool. THANK YOU to everyone who participated in this great event and especially to the organizers Erik Filippini and Felipe Santos for the invitation.
Conditional access policies are if-then instructions, if a user wants to access a resource, then they must complete an action first.
According to Microsoft, commonly applied policies are:
Require multifactor authentication for users with administrative roles Require multifactor authentication for Azure management tasks Block user entries attempting to use legacy authentication protocols Require trusted locations for Azure Multifactor Authentication registration Block or allow access in specific locations Block risky sign-in behaviors Require organization-managed devices for specific applications
Very important, to use this feature you must have at least one “premium” license from your Azure Active Directory.
After much dedication in organizing the 2nd AzureRS meeting, we had a full day on Saturday with 7 high-quality lectures. The level of discussions was great, knowledge here and there. At this same event, I presented Azure Sentinel, as well as performed a demo with my friend Clairo Dorneles, where in real-time, we simulated an attack and threat detection.