Chris Beattie
@chrisbt.me
Irishman turned Aussie returned to Ireland; cyclist, infosec, dad.
Query for the #Entra nerds; have Continuous Access Evaluation and Token Binding always been enabled by default with supported apps even in the absence of a Conditional Access policy?
March 24, 2025 at 10:39 PM
Query for the #Entra nerds; have Continuous Access Evaluation and Token Binding always been enabled by default with supported apps even in the absence of a Conditional Access policy?
At the #CyberNIWeek25 conference today. Intro keynote from NCSC highlighted #passkeys as “greatest tool at our disposal to reduce cyber harm” and they’re keen to see them adopted rapidly at scale across UK. Will govt backing will boost awareness?
March 6, 2025 at 10:50 AM
At the #CyberNIWeek25 conference today. Intro keynote from NCSC highlighted #passkeys as “greatest tool at our disposal to reduce cyber harm” and they’re keen to see them adopted rapidly at scale across UK. Will govt backing will boost awareness?
Any #Entra folk come across a custom auth strength triggering a reset of MFA rego settings to Microsoft-managed when bound to a CA policy? Seems really weird and not documented but re-tested to be sure.
March 3, 2025 at 5:46 PM
Any #Entra folk come across a custom auth strength triggering a reset of MFA rego settings to Microsoft-managed when bound to a CA policy? Seems really weird and not documented but re-tested to be sure.
I never knew London was such a fan of Vulcans but when visiting the cable-cars I came across a hundred-foot tall game of Kal-toh!
February 16, 2025 at 10:32 PM
I never knew London was such a fan of Vulcans but when visiting the cable-cars I came across a hundred-foot tall game of Kal-toh!
A rare photo of spidey as he awaits the arrival of his party guests…
February 8, 2025 at 8:19 PM
A rare photo of spidey as he awaits the arrival of his party guests…
At a Palo Alto Networks course this week. They are crazy far behind Microsoft on their community engagement, training and certification. It’s almost like they don’t realise that in order to sell your expensive, complicated security products you kind of need people to know how to use them.
January 20, 2025 at 2:16 PM
At a Palo Alto Networks course this week. They are crazy far behind Microsoft on their community engagement, training and certification. It’s almost like they don’t realise that in order to sell your expensive, complicated security products you kind of need people to know how to use them.
This has got to be one of the most useful examples of AI: using nothing but a photo to analyse my diet.
January 9, 2025 at 8:53 PM
This has got to be one of the most useful examples of AI: using nothing but a photo to analyse my diet.
Piloting #Entra device-bound passkeys and the need to restrict to only specified AAGUIDs tripped me up. I carefully audited all in use in my org and added to the FIDO2 policy; all was fine until I realised the same settings apply to external users so I’d cut off our MS partner’s access 🤦♂️
December 2, 2024 at 5:14 PM
Piloting #Entra device-bound passkeys and the need to restrict to only specified AAGUIDs tripped me up. I carefully audited all in use in my org and added to the FIDO2 policy; all was fine until I realised the same settings apply to external users so I’d cut off our MS partner’s access 🤦♂️
What are the odds that the wifi auth protocol used by the org breached in the @volexity.com ‘nearest neighbour’ attack was PEAP and that the RADIUS server was NPS? And they weren’t using EAP-TLS because it’s too hard with Entra-joined devices? https://infosec.exchange/@volexity/113554780310320599
November 28, 2024 at 9:45 AM
What are the odds that the wifi auth protocol used by the org breached in the @volexity.com ‘nearest neighbour’ attack was PEAP and that the RADIUS server was NPS? And they weren’t using EAP-TLS because it’s too hard with Entra-joined devices? https://infosec.exchange/@volexity/113554780310320599
Another reason Microsoft should have EmailEvents logs included under the free Sentinel allowance; using Exchange message trace for the equivalent of ‘SenderFromDomain has’ is impossible.
November 19, 2024 at 10:03 AM
Another reason Microsoft should have EmailEvents logs included under the free Sentinel allowance; using Exchange message trace for the equivalent of ‘SenderFromDomain has’ is impossible.
It’s the academic paper on phishing sims I’ve been waiting for and the abstract alone is 🔥🔥 https://www.computer.org/csdl/proceedings-article/sp/2025/223600a076/21B7RjYyG9q
November 18, 2024 at 12:10 PM
It’s the academic paper on phishing sims I’ve been waiting for and the abstract alone is 🔥🔥 https://www.computer.org/csdl/proceedings-article/sp/2025/223600a076/21B7RjYyG9q
Seems like AI has squeezed everything else out of #Ignite this year. Where are all the exciting sessions on cool future product developments? And how is there not a session on Connected Cache, the most useful development in years for getting an org to the cloud? And only 3 title-mentions of ‘Entra’?
November 18, 2024 at 10:26 AM
Seems like AI has squeezed everything else out of #Ignite this year. Where are all the exciting sessions on cool future product developments? And how is there not a session on Connected Cache, the most useful development in years for getting an org to the cloud? And only 3 title-mentions of ‘Entra’?
Well, I've got rid of my Twitter account and under the policy of one out, one in, here I am!
November 14, 2024 at 7:37 PM
Well, I've got rid of my Twitter account and under the policy of one out, one in, here I am!