Blog

26 Jul 2021 Authentication context: what, why and when?

Conditional Access authentication context is currently in public preview. It is a Zero Trust control plane that allows you to apply different access policies within all apps. Why, when, how do we use it?

12 Jul 2021 Pen-testing in Microsoft Azure

Pen-testing is not incredibly complex, but doing it with respect for the rules of engagement, state rules, etc. can be very challenging.

24 Jun 2021 How to bypass MFA in Azure and O365: part 2

In the first part of this series about how to bypass MFA in Azure and O365, we discussed how SSO works and how an attacker can abuse this. In this second part, we elaborate on a more complex attack technique based on MFA in Azure and O365.

07 Jun 2021 How to bypass MFA in Azure and O365: part 1

This is part one of three blog posts about bypassing MFA in Azure AD and Office 365. In this first part of three, we explain how the Single Sign On (SSO) works and how an attacker might abuse this.

25 May 2021 Why third party application patching is essential

In this blog post, we explain why third party application patching is essential and how we approach this topic at SecWise. Are you looking to implement a similar framework or do you need help with getting started? Do not hesitate to reach out without any obligation.

25 May 2021 Moving away from WIP towards Endpoint DLP

In this blog we want to share some insights on Endpoint DLP and what the advantages are regarding Windows Information Protection (WIP). When it comes to protection of data on Windows 10 endpoints, we used to look at WIP which allowed us to configure policies for enlightened apps.

12 Mar 2021 CLOUD SECURITY POSTURE MANAGEMENT: AZURE SECURE SCORE

Cloud Security Posture Management (CSPM) is the buzz-word these days although relatively new. It comes in different flavors, different tools, all depending on your security needs. CSPM enables you to avoid misconfigurations that can potentially lead to data leakage(s).

14 Dec 2020 SecWise secures FIT’s cyber-doors to prevent attacks

In 2015, Flanders Investment & Trade launched an IT strategy to systematically switch to the cloud. At the same time, in addition to traditional centralized perimeter security control, attention also had to be paid to decentralized cyber security. After conducting various security audits and evaluating several security applications, FIT opted for the Microsoft 365 Defender suite.

10 Dec 2020 GO! gains the equivalent of half an FTE with new Microsoft security application

Eighteen months ago, GO! – the Department of Education for the Flemish Community – became the victim of several digital hacking attempts, with software for virtual desktops targeted in particular. For ICT manager Jan Buytaert, this wasn’t just the final straw to accelerate the migration to Microsoft Azure and Microsoft Office 365, it was also an added incentive to get a stronger grip on cyber security.

14 May 2020 Remote working: cyber security risks and best practices

COVID-19 has impacted businesses and employees in various ways. One common fact is that we all tumbled into the sudden need to work remotely. But without the appropriate controls, new risks will unintentionally be introduced into your organization. Work remotely in a secure manner with our top 5 threat checks.

07 Apr 2020 Keep control over your corporate data on users’ personal devices

The management of personal devices isn’t always an easy sell within an organization – employees are often reluctant to have their personal device managed by their employer. Luckily, there is Microsoft Application Management (MAM), which helps companies secure corporate data on mobile devices.

02 Jan 2020 Turn off Azure AD ‘Application consent by users’ now!

SecWise has seen a growing number of attacks that rely on the application consent default configuration in Azure AD, which allows threat actors to get access to users’ data, mails and more. It is strongly advised to turn off this feature as soon as possible!

21 Oct 2019 Protecting corporate data with Windows Information Protection

As users can access data from anywhere, it is a lot tougher to protect this data, especially for BYOD users that are accessing corporate data from their personal devices. Microsoft has built Windows Information Protection (WIP), to help organizations easily protect their corporate data accessed from unmanaged devices. WIP allows you to define and enforce policies to apps.

13 Mar 2019 Azure Active Directory: IAM for the future

When talking to customers about Microsoft 365 security, we often kick off with reviewing the security of Azure Active Directory. Whether you are using O365 (E1 or E3), Intune (or any other product from the EMS Suite) or Azure IaaS and PaaS services, you already have Azure Active Directory! In this blogpost, we highlight the most important Azure AD features that you should be aware of.

19 Feb 2019 Microsoft’s Cloud Security license bundles demystified

Microsoft is and has always been keen on offering multiple options to the customer to acquire their different tools. The only downside to this strategy is that it is often complicated to find the best fit from a customer’s point of view. Therefore, we’ll demystify the license bundles in this blog, focusing on the different security solutions in the bundles.

15 Nov 2018 Windows Defender ATP versus traditional antivirus solutions

Many organisations are considering Endpoint Detection Response (EDR) solutions, to improve their security posture against the many threats of today. In this blog post, we explain why your traditional antivirus (AV) solutions cannot cope with the actual threats of today and why Windows Defender ATP would be an excellent alternative.

27 Sep 2018 Microsoft as a security vendor?

Microsoft as security vendor? Are you serious? Microsoft does have a long history with security. This blog might help you understand why we at SecWise believe that Microsoft Security solutions can help many customers with their security challenges.