
Posts

2024

Use Prometheus Node Exporter with SigLens and Vector.dev
·983 words·5 mins
English Logging Security Expert
A few days ago I discovered SigLens for the first time and wrote a blog post about feeding logs into it with the help of Vector.dev. SigLens not only provides fast log management; it also supports metrics.
Enterprise Attack Surface Management (EASM) - Summary
·808 words·4 mins
English EASM Security Azure Beginner
Microsoft provides an Enterprise Attack Surface Management (EASM) tool. In this blog series I want to discover the tool and its possibilities. This is part 3 of this series and covers my conclusions.
Fast log management with SigLens and Vector.dev
·2873 words·14 mins
English Logging Security Expert
A new star is born, and it is my new personal favorite if you have to deal with logs: the log management solution from https://siglens.com/ together with https://vector.dev/ for log ingestion. This article describes the basic setup and the state of the project as of May 2024.
Enterprise Attack Surface Management (EASM) - Tuning
·887 words·5 mins
English EASM Security Azure Beginner
Microsoft provides an Enterprise Attack Surface Management (EASM) tool. In this blog series I want to discover the tool and its possibilities. This is part 2 of this series and covers tuning.
Enterprise Attack Surface Management (EASM) - Activation and a first look
·1041 words·5 mins
English EASM Security Azure Beginner
Microsoft provides an Enterprise Attack Surface Management (EASM) tool. In this blog series I want to discover the tool and its possibilities. This is part 1 of an upcoming series.
Deploy Ubuntu 24.04 (Noble Numbat) with Autoinstall to Proxmox
·947 words·5 mins
English Proxmox Ubuntu Autoinstall Cloud-Init Expert
Ubuntu provides several methods to automatically install Ubuntu on systems. This article describes the method that uses an Autoinstall file to automate the base setup of the system. Introduction: When setting up VMs based on Ubuntu, I often go through the same setup steps.
Azure Batch and how to avoid misuse
·2149 words·11 mins
English Azure Azure Batch Azure RBAC Security Expert
Azure Batch is quite a powerful tool if you want to scale compute-intensive tasks in your environment, because it lets you manage scaled workloads in Azure. This article presents countermeasures to reduce the risk of misuse.
Deploy Windows 11 Dev VM to Proxmox
·2010 words·10 mins
English Proxmox Windows 11 VMware OVA Expert
Microsoft provides Windows 11 Developer VMs for several hypervisors like VMware, Hyper-V and more, but not for Proxmox. This article shows how to automate the process of deploying a Windows 11 Developer VM to Proxmox.

2023

Microsoft Defender for Office 365 & Least Privileges
·619 words·3 mins
English MDO Azure
If you use Microsoft Defender for Office 365 (MDO) as a security analyst and want to mitigate something (e.g. add a domain to the Tenant Level Allow/Block list), you have an issue with the current role model Microsoft provides.
Microsoft Defender for Endpoint Asset Rules
·424 words·2 mins
English MDE Azure
If you use Microsoft Defender for Endpoint (MDE), you often need to tag devices according to some rules. In the past this was a manual task, or you automated it by using the API.
Add automatically Catch-All addresses as Send-from addresses in Exchange Online
·1743 words·9 mins
English Azure Expert Exchange PowerShell
In a previous post I wrote about several possibilities to automate tasks in Azure. In this post I will show you an additional possibility to automate tasks in a cloud-native environment with the help of an Automation Account.
Microsoft Defender for Endpoint API with Logic App
·412 words·2 mins
English MDE API Azure Logic App Expert
In another post I already wrote about managed identities and using the API. There I also showed how to adapt the required permissions. In this post you will see how to set up the required permissions for Microsoft Defender for Endpoint (internally called WindowsDefenderATP).
Graph API with Logic App
·710 words·4 mins
English Graph API Azure Logic App Expert
In the first part of this series we checked the basics of the Graph API. Now in this part we will use a Logic App to query the API. This opens a new way to automate tasks.
Nextcloud SSO with Azure Active Directory (AAD)
·1786 words·9 mins
English Azure SSO Expert Docker Nextcloud SAML
Nextcloud is a file sharing platform like SharePoint. Providing SSO for this application for your Azure Active Directory users is easy, especially if you know which SAML properties you have to set up on both ends, Nextcloud and AAD.
Open port to Custom VM in Oracle Cloud
·743 words·4 mins
English Oracle Cloud Security Tipps
Oracle is a nice cloud provider which provides some resources for free. That’s perfect if you want to experiment with some web services. But unfortunately accessing them is not an easy task if you are a beginner in this environment.
Azure Cross Tenant MFA Trust Settings
·499 words·3 mins
English Azure MFA Guest Tipps
Having MFA enabled in a B2B scenario as well is important. But it could lead to two MFA prompts, which could lead to MFA fatigue syndrome. In this post I will show you how you could reduce MFA prompts.
Azure Application Proxy
·1217 words·6 mins
English Azure
Azure has a nice solution for bringing on-prem web-based applications safely onto the internet: Application Proxy. Introduction: Often companies have on-prem web applications which should be accessible by Azure users.
How to decompile an APK file
·291 words·2 mins
English Hacking Android E-Mobility
After successfully downloading the APK archive, the next step is to decompile it. This article describes this procedure. Introduction: The process is basically simple and involves the following steps:
How to download APK files on non Android devices
·206 words·1 min
English Hacking Android
As a first step, before you can dig into reverse engineering an Android application, you have to fetch it from somewhere. This is not so easy because normally only Android devices download them from the Google Play Store.
Midjourney - an AI based image generator
·534 words·3 mins
English AI Midjourney
Currently there is ongoing hype around AI-based tools, such as text-based systems like ChatGPT or image generators like Midjourney. Here I will show you some pictures and hints regarding Midjourney.