A Closer Look At The Azure AD Joined Device Local Administrator Role And Endpoint Manager Account Protection Policy

Local Admin is a must needed account/ access that requires in a domain setup for so many reasons. Over the years Microsoft brought many options to manage these accounts in a secure manner. Restricted groups/ LAPS etc. With Azure AD and Endpoint Manager in the scene, many devices are moved to cloud managed rather than … Continue reading A Closer Look At The Azure AD Joined Device Local Administrator Role And Endpoint Manager Account Protection Policy

Microsoft 365 Defender – Advanced Threat Hunting Basics

With this post, I'm focussing anyone who is keen on knowing more about advanced features of MDE and how to get into that realm of threat hunting, and what are the controls available. So you have proper licensing enabled, and you have Microsoft Defender for Endpoint on your users' devices and they are onboarded to … Continue reading Microsoft 365 Defender – Advanced Threat Hunting Basics

Windows Autopatch – General Availability With Improvements

This is an update post on the much awaited Windows Autopatch service. This went from Public Preview to General Availability today (12/06/2022) and number of good improvements have been introduced and I would like to go through them. If you haven't read my previous posts on Windows Autopatch, please check them from below. Features Enrollment … Continue reading Windows Autopatch – General Availability With Improvements

An Attempt to Configure Defender for Endpoint and Endpoint Manager With the Same Device Tag

Most often the device tagging requirements are simple or you do have a set of tags for the devices that are enrolled in Intune and a set of tags for the devices onboarded in Defender for Endpoint. However there can be situations where you need both services to have the same device tagging setup. This … Continue reading An Attempt to Configure Defender for Endpoint and Endpoint Manager With the Same Device Tag

Get Notified When You Have Group Based License Assignment Issues

I'm considered as a citizen developer and I know the ways to get some automation happening when it needed the most. This is one of them. This has been in my head for a while and I've seen this happening many times. SO thought to do some findings, playing around with the tools to come … Continue reading Get Notified When You Have Group Based License Assignment Issues

Web Content Filtering with Microsoft Defender for Endpoint Advanced Features

I recently realised I haven't done much writing on Microsoft Endpoint Manager (MDE) side of things for a while. Web Content Filtering via MDE is a straight forward implementation and this will work on the devices that are onboarded currently. MDE has a lot of good features that makes it a next level XDR and … Continue reading Web Content Filtering with Microsoft Defender for Endpoint Advanced Features

Windows Autopatch – 3. Support Requests

This will be a short post, but I like to emphasize this great feature Windows Autopatch provides. In case you haven't seen the news, Windows Autopatch is now in Public Preview and I'm thrilled to write about it. Post 1 and Post 2 can be found below 1. Tenant Onboarding and Device Registration 2. Deployment … Continue reading Windows Autopatch – 3. Support Requests

Windows Autopatch – 2. Deployment Rings, Security Groups and Device Profiles

In case you haven't seen the news, Windows Autopatch is now in Public Preview and I'm thrilled to write my 2nd post about it. Post 1 can be found below 1. Tenant Onboarding and Device Registration In this post I will talking about the main component of the feature - Deployment Rings and Device Profiles. … Continue reading Windows Autopatch – 2. Deployment Rings, Security Groups and Device Profiles

Windows Autopatch – 1. Tenant Onboarding and Device Registration

Windows Autopatch is finally here and this will update your eligible Windows 10 and 11 devices and Office application. This is a IT admin hands off task as opposed to traditional Patch Tuesday and other patching events and internal IT admins can always open support tickets with Microsoft when required. This is Microsoft looking after … Continue reading Windows Autopatch – 1. Tenant Onboarding and Device Registration

Microsoft Entra – An Overview

Woke up to a nice little surprise from Microsoft this morning. Microsoft Entra. At first glance It looked like they have bundled the Identity and Access related products in to one portal and provides access via https://entra.microsoft.com According to Microsoft, this is a single pane of view for all Identity and Access related solutions, which … Continue reading Microsoft Entra – An Overview

Use Conditional Access Policies to Securely Register Security Information for MFA and SSPR

Hello there! This week I thought I will write one more article on Conditional Access Policies. As you know setting up an access policy is easy and it is basically mandatory to have one or more polices now, but you may have internal polices where anyone who is registering for MFA must do that in … Continue reading Use Conditional Access Policies to Securely Register Security Information for MFA and SSPR

How to use Log Analytics on Endpoint Manager

Ever since I learned about KQL I'm obsessed about it and what it can do in Azure Log Analytics space and this is my attempt on plugging another service to Log Analytics to experiment with the logs. KQL has proven to be a clever tool when it comes to dig deeper in to Log Analytics. … Continue reading How to use Log Analytics on Endpoint Manager