Detecting Kerberoasting activity using Azure Security Center

Kerberoasting, a term coined by Tim Medin, is a privilege escalation technique which proves to be very effective in extracting service account credentials in a domain environment. A service account is standard user account that has been configured with the specific task of running a service or scheduled task. Many organizations are using service accounts…

0

List of Azure Active Directory Audit Activities

Hi all, Audit logs in Azure Active Directory help customers to gain visibility about users and group management, managed applications and directory activities in their cloud-based Active Directory. Using the logs you can detect and investigate security incidents, and review important configuration changes. By using the Graph API, which provides programmatic access to Azure AD,…

3

Quickpost: Encrypting Azure Virtual Machine using BitLocker

Here are the steps that are required to encrypt the disk of Azure Virtual Machine. This is a very high level overview of the process, and I do recommend on reading the full guide: https://docs.microsoft.com/en-us/azure/security-center/security-center-disk-encryption#run-the-azure-disk-encryption-prerequisites-powershell-command Open Azure portal and navigate to the virtual machine (Windows 2008 R2 and above) you want to encrypt and then…

0

How to reset the password in Windows on Azure ARM based VM?

Azure has two different deployment models for creating and working with resources: Resource Manager and classic.   For classic machines you can easily reset the password using the portal or PowerShell, however these options are not available yet for virtual machines created by Resource Manager:     You can still reset the password by using…

3