My Faber Security

Welcome to My Faber Security

Through my blogs I hope to share security content including lessons learned, generic concept details, deeper dives, best practices, workarounds, and tips & tricks I’ve learned over the years.

My goal is to share information that is useful to anyone that is interested in security, regardless of experience level.

Latest from the Blog

Global watchlists?

Managing lists globally and locally, i.e., on a customer-by-customer basis, using watchlists and externaldata.

Sentinel Playbook and Azure OpenAI 

Sentinel automation playbooks using a custom Logic App connector that uses the new Chat API with gpt-3.5-turbo and gpt-4. This time with Azure OpenAI vs OpenAI.

MSSPs and Identity: Q&A

Follow-up to the previous blog post to answer common questions on MSSPs and Identity

MSSPs and Identity

Identity configuration recommendations for MSSPs.

Sentinel Repositories

A quick introduction to Sentinel Repositories.

With a little help from MDC

Testing the new MDC governance rules to automatically assign and track owners for recommendations

Disguising data

Testing the new ingestion time transformation features in Microsoft Sentinel.

No, really, you don’t need that access

CloudKnox initial setup and the incredible value it brings to organizations and the security professionals working hard to keep them secure.

Leave it open and they will come

A story of how I left an RDP port wide open (oops!) and MDC and Sentinel came to my rescue when my resource was attacked.

Building secure applications using modern authentication (part 4)

You don’t need to disable MFA for users in the name of “automation”. Basic authentication is considered legacy authentication because there are safer options available. Keep reading to learn about OAuth, OIDC, modern authentication and how to use the valet key to create secure applications.

Building secure applications using modern authentication (part 3)

You don’t need to disable MFA for users in the name of “automation”. Basic authentication is considered legacy authentication because there are safer options available. Keep reading to learn about OAuth, OIDC, modern authentication and how to use the valet key to create secure applications.

Building secure applications using modern authentication (part 2)

You don’t need to disable MFA for users in the name of “automation”. Basic authentication is considered legacy authentication because there are safer options available. Keep reading to learn about OAuth, OIDC, modern authentication and how to use the valet key to create secure applications.

Building secure applications using modern authentication (part 1)

You don’t need to disable MFA for users in the name of “automation”. Basic authentication is considered legacy authentication because there are safer options available. Keep reading to learn about OAuth, OIDC, modern authentication and how to use the valet key to create secure applications.

Guest Access Reviews

A super simple way to review all guests with access to a tenant.

Federating AWS with Azure AD

For an enterprise level authentication and authorization solution, federate AWS single-accounts with Azure AD.

Roles vs Groups

For an enterprise level solution that authorizes user access, use application roles as much as possible instead of security groups.



For additional information on me, check out my LinkedIn Profile.