Microsoft has a lot of options to view Azure log data in one form or another. There is the Security Center, Azure Sentinel, Log Analytics, and Insights. This is fine for an Azure centric organization, but many organizations already have log collection systems in place such as Splunk, and using multiple logging platforms is not efficient. This article walks through sending Azure AD and Office 365 logs to Splunk.
Continue reading “Use Splunk to Collect Logs from Office 365 and Azure AD”
Azure Privileged Identify Management, or PIM, is a Microsoft service that enables management, control and monitoring of privileged access in Azure. In this video, I give you an introduction to Azure PIM. We go over the basics of on boarding a user to PIM, adding a user for active and eligible access, activating an eligible role, requiring an activation approval on a role and creating access reviews.
This video goes over two ways of restricting access to Microsoft Azures PaaS services; Service Endpoints and Private Endpoints. Both are used to restrict access to PaaS serviced, but work differently. The video gives an overview if the differences and then does a walkthrough of deploying Service Endpoints and Private Endpoints using an Azure Storage account as an example.
Continue reading “Azure Virtual Networking Service Endpoints and Private Endpoints”