FireMon: How to Configure SAML SSO with Azure Active Directory (AzAD, AAD)
Read: 6 mins. This article goes over how to configure FireMon Single Sign-On with Azure Active Directory using the appropriate Group Claim schema.
Read: 5 mins. This article covers three ways to audit changes to Azure Active Directory roles, such as Global Administrators: the Azure Portal, the Microsoft 365 Compliance Center, and Splunk (SIEM).
Read: 25 mins. Splunk is a GREAT tool to aggregate and correlate information from a variety of sources, and its SPL queries can help surface what you may need. In this post, we extend our previous Active Directory Account Lockout Troubleshooting article with Splunk Dashboards. SimpleXML source code is provided to create visual representations of Windows Security event log data to aid with lockout investigations. The dashboards can also help identify data or behavior patterns and show how many accounts are failing authentication over a specific time period.
Read: 10 mins. The myQ Chamberlain Smart Garage Control provides a homeowner the option to remotely control the garage door via a smartphone app with real-time notification and other conveniences, including scheduled closes for when you accidentally leave it open. I had strong security and hacking concerns. See what they were, what steps I took to address them, and what I thought of the device.
Read: 15 mins. The need for reliable and speedy WiFi throughout the entire home has become important in modern times as more and more devices connect wirelessly. Like many consumers, you very likely came across dead spots in your house where the WiFi signal was either weak or non-existent. Consumer "mesh" WiFi routers promise to solve this issue, and in this article we will explore what they are, and how the Linksys Velop AC router compared to the Amazon Eero Pro.
Read: 3 mins. The Security Operations Center (SOC) noticed logins to Azure Active Directory (AAD) from yahoo.com and gmail.com email addresses and asked the IT Security team to investigate. At the time, we did not allow many B2B Guest credentials for those domains, but alarmingly, the accounts in question successfully authenticated even though they did not exist in our AAD tenant. Who were those people? Did we have a security breach? What did they access?