Microsoft has launched its new Purview Audit Search Graph API in public preview for commercial customers. This new API allows IT administrators to programmatically search and retrieve audit logs, improving how organizations track and secure their data usage. Microsoft Purview Audit is a feature that lets IT administrators monitor and track data usage and access...
Identity Management (or Identity and Access Management) is a fundamental aspect of modern IT security. It involves the processes and technologies used to manage and verify the identity of users accessing IT resources. A key IAM solution is Active Directory, a product by Microsoft that is widely recognized for its robustness and versatility in managing on-premises user identities.
Active Directory (AD) centralizes user and computer authentication and authorization, allowing IT administrators to control user access to various network resources effectively. This is especially crucial for large organizations with complex structures and lots of users, where maintaining individual user accounts wouldn’t be practical. Active Directory streamlines management by providing a single, unified platform for identity management, enhancing security and operational efficiency.
Expanding the principles of Identity and Access Management to the cloud, Microsoft introduced 'Microsoft Entra ID' (formerly Azure Active Directory). It is a solution designed to simplify and secure the management of user identities for cloud-native applications.
Entra ID extends beyond the traditional boundaries of on-premises networks, embracing cloud services and mobile applications. Microsoft Entra ID offers enhanced features like multi-factor authentication (MFA), conditional access policies, and integrated identity governance capabilities.
Microsoft Entra ID is the IAM used by Microsoft 365. Entra ID can also be used in conjunction with on-premises Windows Server Active Directory, giving organizations the ability to extend their existing directory service to the cloud.
Microsoft has recently unveiled critical vulnerabilities within OpenMetadata’s open-source metadata repository. The security flaws could allow cybercriminals to execute remote code attacks on unpatched Kubernetes clusters. OpenMetadata is an open-source platform that offers a centralized metadata management solution for data lakes, pipelines, and warehouses. It enables businesses to discover, understand, and govern their data assets…
Microsoft has released a new update for its Loop app that should make it easier for users to find and access relevant information. Microsoft Loop users can now apply filters to the content in Loop Tables and Boards. Microsoft first announced its Loop app in November 2021. The new productivity app, which is built on…
Last Update: Apr 17, 2024
One of the main reasons that application governance is often overlooked, as it relates to an organization’s cloud security posture, is because the topic is not fully understood. . However, it is vitally important to understand the fundamentals of Microsoft Entra ID (formerly Azure Active Directory) – tenants, app registrations, enterprise apps, and consent –…
Last Update: Apr 17, 2024
Advanced password attacks, like brute force and those launched by malicious insiders, are devastating the security of today’s enterprises and cloud services. ADSelfService Plus from ManageEngine can protect web properties from such attacks with multi-factor authentication (MFA). Multi-factor authentication is the best way to protect Active Directory and cloud-based user accounts As the impacts of…
Last Update: Apr 17, 2024
Purple Knight is a free security assessment tool for Microsoft Active Directory that scans the AD environment for indicators of exposure (IOEs) and indicators of compromise (IOCs), provides an overall security score, and offers remediation guidance from identity security experts. This article is sponsored by Semperis. Recently, Petri interviewed several organizations in North America to…
Last Update: Apr 17, 2024
Microsoft Entra ID, formerly Azure Active Directory (AD), is Microsoft’s cloud-native identity management platform. It only takes one compromised Entra ID user account to consent to a rogue app that siphons all the user’s Microsoft 365 data or to take over their mailbox. Business Email Compromise (BEC) amounts to $8 million in losses on a…
Last Update: Apr 17, 2024
When newly installed, Active Directory’s (AD) default configuration is designed to be easy to use. As a result, attackers can exploit AD to take over your entire network with relative ease. Here’s what you can do to further protect your organization by reducing your Active Directory attack surface. This article is sponsored by Semperis. Securing…
Microsoft has announced the general availability of the activity logs feature in Microsoft Graph. This capability enables organizations to gain insights into all HTTP requests that the Microsoft Graph service received and processed for a specific tenant. Microsoft Graph is an API that collects user and organizational data from various Microsoft services, including Microsoft 365,…
Last Update: Apr 16, 2024
Petri.com was recently asked by Cayosoft to conduct a survey amongst our audience regarding Active Directory (AD) downtime and disaster recovery strategies. Petri.com’s extensive experience in the marketplace, coupled with our standing as a representative voice for IT Professionals, allows us to bring distinct insights into prevailing trends and their evolution over time. The survey,…