MSSP – To trigger playbooks in the customer tenants sometimes you need to assign the managed identities of those playbooks permissions to execute actions within the customer tenant. This post covers the steps to configure the access required to assign those roles and the steps to assign the roles as well.
Tag Archives: Azure
Delegate access using Azure Lighthouse for a Sentinel POC
Steps to delegate access to users on another tenant for a Sentinel POC using Azure Lighthouse.
With a little help from MDC
Testing the new MDC governance rules to automatically assign and track owners for recommendations
Disguising data
Testing the new ingestion time transformation features in Microsoft Sentinel.
My adventures (so far) with verifiable credentials.
Sharing my initial experience with verifiable credentials.
No, really, you don’t need that access
CloudKnox initial setup and the incredible value it brings to organizations and the security professionals working hard to keep them secure.
Cross-tenant workload identities with a single secret
You can have cross-tenant workload identities authenticating using the secret or certificate from their home tenant.
Leave it open and they will come
A story of how I left an RDP port wide open (oops!) and MDC and Sentinel came to my rescue when my resource was attacked.
Sorting out the Azure Activity Connector in Microsoft Sentinel
Just a few tips and tricks for configuring the Azure Activity Connector in Microsoft Sentinel.
RiskIQ Illuminate Content hub solution within Microsoft Sentinel
An overview of RiskIQ Illuminate solution available through Microsoft Sentinel Content hub.
My Faber Security 