Tech Brandon
@TechBrandon
Father. Engineer. Learner. Lurker. AD, Entra/Azure & enterprise security specialist. Senior Security Consultant @trustedsec. Fellow Human Being.
Potrebbero piacerti
Hello friends! I'm doing a quick fundraiser and head shave for my favorite charity @StBaldricks . I'd love if you'd help me reach my goal. stbaldricks.org/participants/m…
Last chance to check out the @SoberInCyber booth at @WWHackinFest! Stop by before 4:00 PM to grab some swag, make a few crafts, and learn about our nonprofit's goal to increase the number of alcohol-free networking options in #InfoSec. #WildWestHackinFest #WWHF #cybersecurity
This! If you're using risk policies (and I hope you are) then this is the benchmark.
Entra ID Protection doesn’t silently forgive risk - it tracks Medium and High events until you do something about them. 🔹 User Risk → usually means stolen or replayed creds. Mitigate with an enforced password reset, not a ticket comment. 🔹 Sign-in Risk → suspicious session,…
This is straight out of Mr. Robot.
Weird stuff going on. This is a CRAZY anime arc. I beg you to read this post. This shit is crazy. Check this shit out June 16th, 2025: @phrack reports suspected offensive state-sponsored activity from China and/or North Korea targeting South Korea. They notify KR-CERT (Defense…
Added my slide decks from this weekend to github in case you're interested. github.com/techBrandon/TE…
Going to TEC 2025 Minneapolis next week? Check out @techBrandon's talk on September 30 at 10:30AM CDT. He'll be presenting his talk, "Know Thy Enemy: A Crash Course on Attacking and Defending Active Directory in 2025". Don't miss it! events.bizzabo.com/TheExpertsConf…
Tomorrow is the last day. If your Authentication methods doesn't look like this, I hope it's just because you are using Dark Mode ;)
For anyone that hasn't migrated their authentication methods in Entra yet, I recorded a guide with some common gotchas I'm really just trying to learn OBS and my gear, sorry for the potato quality, it's probably not Twitter's fault :p Working on getting better at this format ;)
Just watched the first 30m of K pop demon hunters again. I'm still confused and now have 3 songs stuck in my head at the same time.
Be sure to catch @techBrandon's talk on October 1 at 3:00PM CDT if you're going to TEC 2025! He'll be giving his talk, "Abusing Holes in Conditional Access". Check it out! events.bizzabo.com/TheExpertsConf…
Going to TEC 2025 Minneapolis next week? Check out @techBrandon's talk on September 30 at 10:30AM CDT. He'll be presenting his talk, "Know Thy Enemy: A Crash Course on Attacking and Defending Active Directory in 2025". Don't miss it! events.bizzabo.com/TheExpertsConf…
Folks, I'm super excited to announce a three part webinar series from Microsoft that involves some of your favorite folks from the Entra community. @NathanMcNulty and @rucam365 will be joining me and others from Microsoft to talk about implementing Zero Trust for identity and…
Of course this is "working as intended"
Wrote a quick blog as more of a rant this week. Found an interesting interaction with Active Directory delete permissions and the accidental deletion protections. Maybe you'll enjoy reading about how a simple question turned into a quest for truth. techbrandon.github.io/active%20direc…
Just updated my CA Policy reporting tool to support JSON files provided by @DanielatOCN. No more Graph permissions requirement. Download all the JSON files, point my script to the folder, and you'll get the same report as you would have via Graph. github.com/techBrandon/CA…
𝐂𝐀 𝐏𝐨𝐥𝐢𝐜𝐲 𝐂𝐨𝐩𝐢𝐞𝐫 is now on the Chrome Web Store! Check out the instructions and install link here > ourcloudnetwork.com/export-conditi… With CA Policy Copier, you can quickly copy or download individual Conditional Access policies in JSON format, which can serve as a temporary…
This is why you need at least 1 policy that applies to all resources. No exceptions.
Little known fact. Did you know that excluding just one app from an 'All Apps' conditional access policy may let other apps through? @fabian_bader explains in this week's Entra Chat.
I wanna hear more "raw dogging" stories. What you all got?
I remember raw dogging the internet back in the day. No router. Just plug right into the modem. Then some one sent me a systemwide message from my computer to my computer "hey, nice computer lol" Then I learned the risks of unprotected internet.
I'm hiring a Principal Security Researcher with rock-solid knowledge in Active Directory, Entra ID, and security research. Interested in working with me? Go apply here: ats.rippling.com/netwrix-corpor…
You're not going to want to miss this.
Many invest in penetration testing but skip a key step in their #ActiveDirectory to significantly reduce the attack surface. Join @PyroTek3 and @paulsems for our next #webinar on September 10 and learn what you're missing. Register now! trustedsec.zoom.us/webinar/regist…
United States Tendenze
- 1. Luka 105K posts
- 2. Good Saturday 14.2K posts
- 3. Talus 15.9K posts
- 4. #INDvsAUS 26.7K posts
- 5. Blue Jays 84.8K posts
- 6. #GirlsWhoInspire N/A
- 7. Halo 171K posts
- 8. #GirlPower N/A
- 9. #LakeShow 3,761 posts
- 10. Pharos 6,025 posts
- 11. Flyquest 4,227 posts
- 12. #gmgn N/A
- 13. Domain For Sale 8,578 posts
- 14. Mavs 13.8K posts
- 15. Toronto 68.4K posts
- 16. Snell 14.5K posts
- 17. Marcus Smart 4,062 posts
- 18. Kyshawn George 4,568 posts
- 19. Vando 2,790 posts
- 20. Nico Harrison 2,636 posts
Potrebbero piacerti
-
Josh
@passthehashbrwn -
Red Siege Information Security
@RedSiege -
strandjs - [email protected]
@strandjs -
nyxgeek
@nyxgeek -
Wild West Hackin' Fest
@WWHackinFest -
Melvin langvik
@Flangvik -
SkelSec
@SkelSec -
rootsecdev
@rootsecdev -
Matt Zorich
@reprise_99 -
Jim Sykora
@JimSycurity -
Christopher Peacock
@SecurePeacock -
Stephan Berger
@malmoeb -
Itamar Golan 🤓
@ItakGol -
DebugPrivilege
@DebugPrivilege -
Daniel 🦋
@d_feldman
Something went wrong.
Something went wrong.