Identity Management

Microsoft has recently unveiled critical vulnerabilities within OpenMetadata’s open-source metadata repository. The security flaws could allow cybercriminals to execute remote code attacks on unpatched Kubernetes clusters. OpenMetadata is an open-source platform that offers a centralized metadata management solution for data lakes, pipelines, and warehouses. It enables businesses to discover, understand, and govern their data assets…

Microsoft has released a new update for its Loop app that should make it easier for users to find and access relevant information. Microsoft Loop users can now apply filters to the content in Loop Tables and Boards. Microsoft first announced its Loop app in November 2021. The new productivity app, which is built on…

One of the main reasons that application governance is often overlooked, as it relates to an organization’s cloud security posture, is because the topic is not fully understood. . However, it is vitally important to understand the fundamentals of Microsoft Entra ID (formerly Azure Active Directory)  – tenants, app registrations, enterprise apps, and consent –…

Advanced password attacks, like brute force and those launched by malicious insiders, are devastating the security of today’s enterprises and cloud services. ADSelfService Plus from ManageEngine can protect web properties from such attacks with multi-factor authentication (MFA). Multi-factor authentication is the best way to protect Active Directory and cloud-based user accounts As the impacts of…

Purple Knight is a free security assessment tool for Microsoft Active Directory that scans the AD environment for indicators of exposure (IOEs) and indicators of compromise (IOCs), provides an overall security score, and offers remediation guidance from identity security experts. This article is sponsored by Semperis. Recently, Petri interviewed several organizations in North America to…

Microsoft Entra ID, formerly Azure Active Directory (AD), is Microsoft’s cloud-native identity management platform. It only takes one compromised Entra ID user account to consent to a rogue app that siphons all the user’s Microsoft 365 data or to take over their mailbox. Business Email Compromise (BEC) amounts to $8 million in losses on a…

When newly installed, Active Directory’s (AD) default configuration is designed to be easy to use. As a result, attackers can exploit AD to take over your entire network with relative ease. Here’s what you can do to further protect your organization by reducing your Active Directory attack surface. This article is sponsored by Semperis. Securing…

Microsoft has announced the general availability of the activity logs feature in Microsoft Graph. This capability enables organizations to gain insights into all HTTP requests that the Microsoft Graph service received and processed for a specific tenant. Microsoft Graph is an API that collects user and organizational data from various Microsoft services, including Microsoft 365,…

Petri.com was recently asked by Cayosoft to conduct a survey amongst our audience regarding Active Directory (AD) downtime and disaster recovery strategies. Petri.com’s extensive experience in the marketplace, coupled with our standing as a representative voice for IT Professionals, allows us to bring distinct insights into prevailing trends and their evolution over time. The survey,…