My Faber Security

Welcome to My Faber Security

Through my blogs I hope to share security content including lessons learned, generic concept details, deeper dives, best practices, workarounds, and tips & tricks I’ve learned over the years. As you’ll quickly learn, my passion is identity, so most of the content will likely revolve around identity management.

My goal is to share information that is useful to anyone that is interested in security, regardless of experience level.

Latest from the Blog

Sentinel Repositories

A quick introduction to Sentinel Repositories.

With a little help from MDC

Testing the new MDC governance rules to automatically assign and track owners for recommendations

Disguising data

Testing the new ingestion time transformation features in Microsoft Sentinel.

No, really, you don’t need that access

CloudKnox initial setup and the incredible value it brings to organizations and the security professionals working hard to keep them secure.

Leave it open and they will come

A story of how I left an RDP port wide open (oops!) and MDC and Sentinel came to my rescue when my resource was attacked.

Building secure applications using modern authentication (part 4)

You don’t need to disable MFA for users in the name of “automation”. Basic authentication is considered legacy authentication because there are safer options available. Keep reading to learn about OAuth, OIDC, modern authentication and how to use the valet key to create secure applications.

Building secure applications using modern authentication (part 3)

You don’t need to disable MFA for users in the name of “automation”. Basic authentication is considered legacy authentication because there are safer options available. Keep reading to learn about OAuth, OIDC, modern authentication and how to use the valet key to create secure applications.

Building secure applications using modern authentication (part 2)

You don’t need to disable MFA for users in the name of “automation”. Basic authentication is considered legacy authentication because there are safer options available. Keep reading to learn about OAuth, OIDC, modern authentication and how to use the valet key to create secure applications.

Building secure applications using modern authentication (part 1)

You don’t need to disable MFA for users in the name of “automation”. Basic authentication is considered legacy authentication because there are safer options available. Keep reading to learn about OAuth, OIDC, modern authentication and how to use the valet key to create secure applications.

Guest Access Reviews

A super simple way to review all guests with access to a tenant.

Federating AWS with Azure AD

For an enterprise level authentication and authorization solution, federate AWS single-accounts with Azure AD.

Roles vs Groups

For an enterprise level solution that authorizes user access, use application roles as much as possible instead of security groups.



For additional information on me, check out my LinkedIn Profile.