Gah, I forgot to include the hashtags for my blog post... :(
Hey all, I just published an article on using Azure AD's Access Packages to enable end-user device enrollment in Microsoft Intune:
https://blog.nathanmcnulty.com/intune-using-access-packages-to-enable-user-device-enrollment/
If you have Azure AD P2 licensing and haven't seen Access Packages, welcome to your new obsession :)
There are a ton of other use cases for these, and I'm hoping to have some future posts to showcase great ways to use them from a security standpoint!
Many organizations use device compliance with Conditional Access to provide protection against MFA-capable phishing attacks such as Modlishka, evilginx2, or @mrd0x's browser-in-the-browser attack. This protection works well because Conditional Access uses certificate-based authentication with the device and pulls compliance data from Intune, and the attacker