Author: Heinrich Wiederkehr

Misc
by Florian Bausch

Insights into Entra ID’s (Un)Conditional Access

When looking at security measures in Microsoft Entra ID environments, a common recommendation is to implement Conditional Access policies.

Whether Conditional Access is implemented can be quickly checked, and you can put a check mark next to it in your best-practice compliance form. However, simply implementing conditional access will not provide much security. A phishing attack that we recently analyzed highlights this very well.

Continue reading “Insights into Entra ID’s (Un)Conditional Access”

Continue reading
Building
by Heinrich Wiederkehr

Some Things to Consider when Using EMET

In the light of the recent release of version 5.0 of Microsoft’s Enhanced Mitigation Experience Toolkit (EMET) on July 31, it seems to be more than appropriate to talk a bit about the new features and some general things to take into account when using EMET (for the new certificate pinning feature of EMET 4.0, see Friedwart’s comment). For all of you who don’t know EMET, in short, it’s a free mitigation tool for Windows developed by Microsoft, helping the user by preventing vulnerabilities in software from being successfully exploited. The tool works by protecting applications via a number of security mitigation technologies, vastly extending Windows operating system mitigation capabilities as Data Execution Prevention (DEP) and Address Space Layout Randomization (ASLR).

Continue reading “Some Things to Consider when Using EMET”

Continue reading