Skip to main content
Hairless in the Cloud - Microsoft 365 - Security und Collaboration

Hairless in the Cloud - Microsoft 365 - Security und Collaboration

By Hairless in the Cloud

Der deutsche Podcast rund um Microsoft Cloud Technologien: Office 365, Azure AD, Enterprise Mobility & Security, Modern Workplace & Collaboration. Präsentiert von Jan Geisbauer und Marco Scheel
Available on
Apple Podcasts Logo
Google Podcasts Logo
Overcast Logo
Pocket Casts Logo
PodBean Logo
RadioPublic Logo
Spotify Logo
Currently playing episode

061 - Oliver Kieselbach über Autopilot

Hairless in the Cloud - Microsoft 365 - Security und CollaborationDec 04, 2020

00:00
48:19
099 - Ignite 2023 - Kim Kischel about Microsoft Defender XDR

099 - Ignite 2023 - Kim Kischel about Microsoft Defender XDR

Kim Kischel is a good friend of our podcast team. We talked to her in 2019 when Ignite was much bigger and the world wasn't aware of what an pandemic is. In the meanwhile Kim is Director for Marketing of the whole Defender XDR suite - and this is exactly what we talk about with her. Its great to see and hear her excitement about the product - was really good to have her back in our podcast!

Nov 20, 202324:49
098 - Ignite 2023 - Copilot for Intune and Security with Lavanya Lakshman

098 - Ignite 2023 - Copilot for Intune and Security with Lavanya Lakshman

Lavanya Lakshman is a Director for Product Management at Microsoft and working on one of the most exciting topics Microsoft is currently focusing on: Copilot. Together with our friend Oliver Kieselbach we talk with Lavanya about Copilot in Intune, Security Copilot and how all this interacts.

Nov 20, 202335:07
097 - Ignite 2023 - Defender for Endpoint with Paul Huijbregts

097 - Ignite 2023 - Defender for Endpoint with Paul Huijbregts

Paul Huijbregts is a Principal Product Manager for Defender for Endpoint and a legend in the team. We talk about the latest improvements he and his team is working on, like for example MDE for Windows Subsystem for Windows.

Nov 20, 202325:30
096 - Ignite 2023 - ID Security with Alex Weinert and Etan Bassari

096 - Ignite 2023 - ID Security with Alex Weinert and Etan Bassari

We had the honor to host Alex Weinert and Etan Basseri on our podcast. Alex is a vice president at Microsoft and responsible for multiple identity security topics. Etan is an old friend of us and he is a product manager in Ales' team. Together we talk identity security in Microsoft products and Alex' vision on identity security. This episode is a must.

Nov 19, 202342:44
095 - Ignite 2023 - Security Copilot with James Key

095 - Ignite 2023 - Security Copilot with James Key

Our guest James Key is a Senior Product Manager at Microsoft and working on Security Copilot. We dive into this brand new product, its capabilities and the future of SOC and Blue Team work. We had a blast talking with James, the future is going to be very interesting.

https://www.linkedin.com/in/jameskeyholisticsecurity/

Nov 18, 202334:34
094 - Ignite 2023 - OneDrive with Miceile Barrett

094 - Ignite 2023 - OneDrive with Miceile Barrett

Guest: Miceile Barrett (Product Manager at Microsoft)

https://www.linkedin.com/in/miceile-barrett

https://twitter.com/MSFTMiceile


We talked about the Next Generation of OneDrive. Colored folders, Mac support, OneDrive limits and more with Miceile from the OneDrive Team.


Unveiling the Next Generation of OneDrive

https://techcommunity.microsoft.com/t5/microsoft-onedrive-blog/unveiling-the-next-generation-of-onedrive/ba-p/3935612

Nov 17, 202338:16
093 - Ignite 2023 - Copilot Studio and Power Automate with Joe Fernandez
Nov 16, 202327:10
092 - Ignite 2023 - XDR and SIEM together Tiander Turpijn

092 - Ignite 2023 - XDR and SIEM together Tiander Turpijn

Tiander Turpijn is Principal Program Manager at Microsoft and working on the integration of the Microsoft 365 Defender Portal and the Sentinel Portal. We discussed with Tiander what we can expect from this new unified portal. Tiander on LinkedIn: https://www.linkedin.com/in/tianderturpijn Tiander on X: https://x.com/TianderTurpijn?s=20

Nov 16, 202310:46
091 - Ignite 2023 - Keynote Summary

091 - Ignite 2023 - Keynote Summary

Eben ist die Keynote fertig und wir haben uns kurz hingesetzt und all die Copiloten und AIs sortiert. Das Setup ist noch etwas frisch und bei unseren Gästen für den Rest des Tages bekommen wir auch das Audio besser hin. Haltet durch.

Nov 15, 202314:20
090 - Ignite 2023 - Airport Kickoff

090 - Ignite 2023 - Airport Kickoff

Der Start unsere 2023 Ignite Podcast Serie vom Frankfurter Flughafen

Nov 14, 202303:19
089 - Chris about Identiverse

089 - Chris about Identiverse

Chris Brumm zu Gast bei uns - wir sprechen über seinen Besuch auf der Identiverse in Las Vegas.


Chris auf LinkedIn: https://www.linkedin.com/in/christopherbrumm/

Chris auf Twitter: https://twitter.com/@cbrhh



Jul 07, 202351:12
088 - Security Copilot und Avatar im Meeting

088 - Security Copilot und Avatar im Meeting

News

- Teams: Auto hand lowering (after speak)

- Teams: Greenscreen

- Teams: Video Filter Snapchat

- Teams: Leave meeting on all devices

- Teams: Premium

- Apple VR/AR Vision Pro

- Apple Camera Gimmicks

- Neue Leute für CSOC: https://www.glueckkanja-gab.com/de/jobs/#cyber-security-analyst-fk02xvz

- ChatGPT

- Gandalf AI https://gandalf.lakera.ai

- Analyse LEDs to steal secrets https://arstechnica.com/information-technology/2023/06/hackers-can-steal-cryptographic-keys-by-video-recording-connected-power-leds-60-feet-away/


Security Copilot

- https://www.microsoft.com/en-us/security/business/ai-machine-learning/microsoft-security-copilot


Avatar in Meetings

- 3D Avatars (aka Mesh)

- Install a app

- Create your avatar (3 stück)

- Lippenbewegungen

- Emotes (raise hands)

- Immersive Meetings (Spaces) - Walk in Meetings 😊 https://www.microsoft.com/en-us/mesh?rtc=1#tabxf8b46c55c83c4ce3b5a9e2d077756e2f

- Warum?

- Kein Equipment?

- https://support.microsoft.com/en-us/office/join-a-meeting-as-an-avatar-in-teams-5384e7b7-30c7-4bcb-8065-0c9e830cc8ad


Events

- Cloud Identity Summit: 7. September 2023 in Koblenz https://www.identitysummit.cloud (orga: Thomas Naunheim, Rene de la Motte & Gregor Reimling), sehr coole Speaker

- "Purple Elbe" (Fabian Baader & Tobias Fiebeler von ITACS) ist eine User Group rund um das Thema Cyber Security.

- Ob Blue Team, Red Team oder Purple Team; alle sind herzlich willkommen https://www.meetup.com/de-DE/purple-elbe/

- Workplace ninja Summit: https://www.wpninjas.ch/events/workplace-ninja-summit-2023/

- Nächster Podcast mit Chris Brumm über die Identityverse

Jun 16, 202354:44
087 - The Worst Case mit Florian

087 - The Worst Case mit Florian

Azure verbindet Florian Stöckl, Azure Lead bei glueckkanja-gab sowohl mit seiner Freizeit als auch - ihr ahnt es- mit seinem Beruf. In dieser Episode erzählt er, wie er die Allgäuer Faschingsparade, seines Heimatdorfes über Azure Media Services stream, was eine Landing Zone wirklich ist und vor allem: was man tun kann, wenn der schlimmste aller Fälle eingetroffen ist. Die Buchempfehlung von Florian lautet: The Phoenix Project.
Feb 24, 202350:35
086 - ASRmagedon und Wie mit Teams

086 - ASRmagedon und Wie mit Teams

Es ist 2023 und wir sind gut angekommen. Der erste Freitag der 13. des Jahres hat gehalten was der Aberglaube hergibt. Leere Startmenüs und was nun Herr Microsoft Defender? Eine Runde ChatGPT und dann analysiert Marco Jans Teams Chat Verhalten und  hat auch gleich ein ungefragten Verbesserungsvorschlag parat.

Links:

- Cloud Security Day 2023-02-16 in München https://www.linkedin.com/events/cloudsecurityday20237020735507227627520/about/

- Microsoft Immersion Workshop: Shadow Hunter (In-Person) - GlueckKanja GAB https://msevents.microsoft.com/event?id=32863655

- Microsoft Immersion Workshop: Into the Breach (In person) https://msevents.microsoft.com/event?id=2098158774

- ASR Goes Wild aka #ASRmagedon https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/recovering-from-attack-surface-reduction-rule-shortcut-deletions/ba-p/3716011

Jan 20, 202342:29
085 - Mac, Teams und 2022
Dec 23, 202247:57
084 - Das Wichtigste zur Microsoft Ignite 2022

084 - Das Wichtigste zur Microsoft Ignite 2022

Gast: Oliver Kieselbach

Das Wichtigste Zur Ignite 2022 rund um die Themen:

- Workplace und Device Management

- Collaboration und Communication

- Security und Threat Protection

 Wir freuen uns über eine gute Bewertung in Deiner Podcast App !!

Oct 14, 202258:45
083 - Hacking Teams

083 - Hacking Teams

News

- Wie war Dein Urlaub?

- Die Queen ist tot

- 10 Sexdezillarden

- Sentinel manual Incident Creation

- Guided Hunting in M365 Defender - https://techcommunity.microsoft.com/t5/microsoft-365-defender-blog/hunt-in-microsoft-365-defender-without-kql/ba-p/3607989

- WPNinjaSummit

- Microsoft Ignite

- Teams Room Licensing Changes 3x the price - https://www.microsoft.com/en-us/microsoft-365/blog/2022/09/06/meet-microsoft-teams-rooms-pro/?utm_source=pocket_mylist

- Viva Engade now with Stories

- By By AAD Viral Tenants aka unmanaged Tenants - https://techcommunity.microsoft.com/t5/microsoft-entra-azure-ad-blog/say-goodbye-to-unmanaged-azure-ad-accounts-for-b2b-collaboration/a-p/3094111?utm_source=pocket_mylist

- SPO Doc Lob with Default Label for Docs - https://twitter.com/YusufsDSBlog/status/1563640950265679872

- Visio On Web more icons - https://www.microsoft.com/microsoft-365/roadmap?featureid=98116

- New Power Toys Text Extractor - https://www.thurrott.com/windows/windows-11/272569/microsoft-adds-three-more-tools-to-powertoys

- Podcast Empfehlung Geschichte aus Geschichte - https://www.geschichte.fm/

Hacking Teams

- GIFShell - https://www.bleepingcomputer.com/news/security/gifshell-attack-creates-reverse-shell-using-microsoft-teams-gifs/

- Teams Token Stealing - https://www.bleepingcomputer.com/news/security/microsoft-teams-stores-auth-tokens-as-cleartext-in-windows-linux-macs/

Sep 16, 202246:17
082 - Cross Tenant und Defender Updates

082 - Cross Tenant und Defender Updates

NEWS

Cross Tenant Access Policies

Defender Updates

May 20, 202246:58
081 - Windows mit Hybrid Work und Oliver

081 - Windows mit Hybrid Work und Oliver

Oliver Kieselbach

https://twitter.com/okieselb

Gibt ein Überblick über die Ankündigungen aus dem Windows Hybrid Work Event aus dem Bereich MEM und Windows 11 Hardware (Security)

Windows powers the future of hybrid work (microsoft.com)

#Windows11

- #MicrosoftPluton support

- #SmartAppControl

- Enhanced #DefenderSmartScreen

- #CredentialGuard by default

- Additional LSA protection by default

- #PersonalDataEncryption

- #ConfigLock

- (#HVCI) default enhancements

- #WDAC driver blocks

Apr 08, 202254:55
080 - Telefonieren mit Thorsten Pickhan

080 - Telefonieren mit Thorsten Pickhan

Thorsten Pickhan

MVP for Office Apps & Services | #MicrosoftTeams enthusiast and UC guy | #Community Speaker | blogger | Organizer of the @TeamsUG_DE in #Bochum

- https://twitter.com/tpickhan

- https://office365.thorpick.de/

- https://www.youtube.com/c/ThorstenPickhan/

Agenda

- Wer bist du und wo (Tech) kommst du her?

Thema

- Was ist der Unterschied zwischen Telefonieren und mit Teams telefonieren?

- Braucht man heute noch die klassische Telefonie?

- Was ist die einfachste Option für Telefonie in M365?

- Was ist die "komplizierte" Version?

- Wenn noch Zeit… dann noch Audio Conferencing?

Words for Bullshit Bingo für dein nächsten Meeting

- Public Switched Telephone Network (PSTN)

- Private Branch Exchange (PBX)

- Session Border Controller (SBC)

Mar 25, 202253:35
079 - мир

079 - мир

Danke an Andrej!

Mar 18, 202201:02:17
078 - Azure Identities mit Thomas Naunheim
Mar 11, 202257:21
077 - Sentinel News und Video Konferenzen

077 - Sentinel News und Video Konferenzen

Gundog v2: install-module gundog https://emptydc.com/2022/02/08/gundog-2/

PowerShell um TenantID zu bekommen: https://github.com/jangeisbauer/MiscPowerShell/blob/main/Get-TenantIDbyName.ps1

Basic Logs (im Kontrast zu Analytic Logs)

  • Große Datenmenen wie Netzwerklogs
  • Günstigere Ingestions Kosten
  • Dafür Kosten für Queries
  • Retention 8 Tage (statt 90)
  • Keine Alerts nur für Ad Hoc Hunting

Archived Logs

  • 7 Jahre
  • Low cost

IngestionTime Transformations: https://docs.microsoft.com/en-us/azure/azure-monitor/logs/ingestion-time-transformations

Feb 25, 202235:59
076 - 2022 und Umfrage im Meeting

076 - 2022 und Umfrage im Meeting

News

- Teams News 2022-01 https://techcommunity.microsoft.com/t5/microsoft-teams-blog/what-s-new-in-microsoft-teams-january-2022/ba-p/3082888?utm_source=pocket_mylist

  - Custom Background on the web

  - Meine Hardware - Dell vs Microsoft

- Teams Meeting Recording Expiration https://techcommunity.microsoft.com/t5/microsoft-teams-blog/how-to-manage-microsoft-teams-meeting-recording-auto-expiration/ba-p/3053035?utm_source=pocket_mylist

- Azure AD Cross Tenant Access policies leaked (NDA/private preview)

- AIP Client outphase https://techcommunity.microsoft.com/t5/security-compliance-and-identity/announcing-aip-unified-labeling-client-maintenance-mode-and/ba-p/3043613?utm_source=pocket_mylist

Umfragen in Teams

- https://support.microsoft.com/en-us/office/poll-attendees-during-a-teams-meeting-9923b7d4-ea97-4aa2-b8b8-b45fefe7d454

- Basiert auf Microsoft Forms

- Einfach den Termin auswählen und die Forms App hinzufügen

- Umfragen können im Vorfeld erstellt werden

- Im Termin kann man die dann einfach starten udn wieder schließen

- Bei den Usern kommt ein Popup

- Umfragen können so eingestellt werden, dass alle Presenter diese bearbeiten können

- Reduziertes Set an Funktion von Forms

  - Multiple Choice

  - Multiple Choice Quiz

  - Word Cloud

- Im Englischen werden auch Fragen vorgeschlagen

- Erbenisse landen auch in der Forms Appp aber da kein Bezug auf das Meeting :(

- Export nach Excel

- In Teams Kalender über die die Details am besten einzusehen

- Organizer, Presenter und Attendee wird hier immer wichtiger (Result, Delete, …)

Feb 04, 202246:46
075 - Olaf Hartong about Threats with a T

075 - Olaf Hartong about Threats with a T

Special Guest for this episode is: Olaf Hartong one of the founders of Faclon Force. He is also a MVP, Detection Engineer and knows stuff about Security Threats

https://twitter.com/olafhartong

https://olafhartong.nl


Dec 06, 202149:21
074 - SPECIAL Ignite 2021 H2 Recap

074 - SPECIAL Ignite 2021 H2 Recap

Gäste

  • Thomas Naunheim (Twitter: @thomas_live)
  • Oliver Kieselbach (Twitter: @okieselb)

Themen: Book of news: https://news.microsoft.com/ignite-november-2021-book-of-news

Modern Collab (Marco)

  • Microsoft Loop
  • Mesh for Microsoft Teams (Avatar as video + full VR mode)
  • Microsoft Editor with Context IQ

Identity (Thomas)

  • Security of Workflow Identities
  • Conditional Access Enhancements
  • Identity Governance und Entitlement Management

Enterprise Mobility (Oliver)

  • Custom Compliance
  • Linux Compliance
  • Linux enrollment (Intune App)
  • Defender Risk Score for macOS

Security (Jan)

  • MDE: Tabs in Hunting and TVM for iOS and Android
  • New Names: https://www.linkedin.com/feed/update/urn:li:activity:6861630452428505088?commentUrn=urn%3Ali%3Acomment%3A%28activity%3A6861630452428505088%2C6861929350405611520%29
  • Sentinel Solutions and Near Realtime Rules
Nov 05, 202101:14:40
073 - OneDrive und Sentinel Terms

073 - OneDrive und Sentinel Terms

News

OneDrive

Sentinel

  • Data
  • KQL Query
  • Events
  • Alerts
  • Incidents
Oct 15, 202155:55
072 - Catch-up und Brute Force gegen das AAD

072 - Catch-up und Brute Force gegen das AAD

- Windows 11

- Neue Surface Geräte (Studio & Duo2)

- Guter Samariter Attack mit AirTag: https://krebsonsecurity.com/2021/09/apple-airtag-bug-enables-good-samaritan-attack/

- GitHub Copilot ………………………….. Marco mal ausprobiert????

- Brute Force Azure AD https://www.secureworks.com/research/undetected-azure-active-directory-brute-force-attacks

  - Seamless SSO Enpoint /usernamemixed, eigentlich für hybrid joined clients für SSO

  - Ist aber momentan für alle Tenants enabled

  - Dagegen kann man BF attacken fahren, ohne MFA und ohne CA

  - Diese werden nicht gelogged

  - Es gibt auch schon einen PoC für ein BF script auf Github

  - Gegen eine BF Attacke hilft trotzdem SmartLockout in AAD

  - Allerdings nicht gegen password spray - es hängt also weiter an der PW Qualität

  - Außerdem, selbst wenn einer an ein PW kommt hilft ggf noch CA oder und MFA

  - Microsoft hat nun angekündigt, dass diese Events künftig gelogged werden und dies wurde auf TW schon bestätigt

  - Außerdem wird  der Endpoint per default disabled und man kann ihn künftig disablen manuell

- Teams News

  - https://techcommunity.microsoft.com/t5/microsoft-teams-blog/what-s-new-in-microsoft-teams-september-2021/ba-p/2793627

  - CarPlay

  - Pin a message

  - Reply to message

  - Open in Office by default

- Neue Apple Devices

- MIP Co-Authoring im Desktop GA

  - https://techcommunity.microsoft.com/t5/security-compliance-and-identity/co-authoring-on-microsoft-information-protection-encrypted/ba-p/2693718

  - GKGAB Webcast: https://www.youtube.com/watch?v=vOz4JIJoSW8

- Teams Co Organizer (Nov 2021)

  - https://www.microsoft.com/en-in/microsoft-365/roadmap?filters=Microsoft%20Teams&searchterms=co-organize

- Events

  -  Microsoft Ignite November 2–4: https://myignite.microsoft.com/home

  - WorkplaceNinjaSummit

- Lightweight PLans in Planner

  - https://m365admin.handsontek.net/lightweight-plans-in-planner

- Trek vs Wars: 34 Jahre https://mobile.twitter.com/jonathansfrakes/status/1443678370676437012

Oct 01, 202144:52
071 - SCEPMan

071 - SCEPMan

<ul>
<li>https://scepman.com</li>
<li>Special Guest: Dr. Christoph Hannebauer </li>
</ul>
Jul 23, 202154:24
070 - Windows 11

070 - Windows 11

News

Windows 11

  • Snaplayout
  • Snapgroups
  • Dock
  • Widgets
  • Store
  • Android Apps
  • Teams
  • MSA Required for Home
Jun 25, 202101:01:54
069 - DrAzureAD and AADInternals

069 - DrAzureAD and AADInternals

Dr. Nestori Syynimaa (Senior Principal Security Researcher at Secureworks)

Dr Azure AD, Identity Hacker and Blackhat Speaker

From Finland, the Author of AADInternals -  Dr Nestori Syynimaa

- https://twitter.com/DrAzureAD

- https://o365blog.com/

- https://www.linkedin.com/in/nestori/

Topics:

- BPRT - Bulk Primary Refresh Tokens

- Join Devices to AAD

- Password hash sync --> seamless sign in (additional option for PHS)

May 28, 202149:29
068 - Staying Up-to-Date with Christian
Apr 23, 202101:08:14
067 - Microsoft Azure Security Center with Tom and Yuri

067 - Microsoft Azure Security Center with Tom and Yuri

Microsoft Azure Security Center, 3rd Edition available for pre-order now

https://www.microsoftpressstore.com/store/microsoft-azure-security-center-9780137343423


Guests:

Yuri Diogenes (Principal Program Manager at C+AI Security CxE Team at Microsoft)

https://www.linkedin.com/in/yuridiogenes/

https://twitter.com/yuridiogenes

https://about.me/ydio

https://podcasts.apple.com/podcast/id1536487206


Tom Janetscheck (Security Program Manager at Microsoft)

https://www.linkedin.com/in/thomas-janetscheck/

https://twitter.com/azureandbeyond

https://blog.azureandbeyond.com/


We had a great talk with Tom and Yuri regarding their new book covering Azure Security Center. Listen to the show and you will get the opportunity to win a free copy of the book!

Apr 16, 202144:07
066 - Tooltime
Mar 29, 202152:60
065 - Ignite 2021H1 Recap

065 - Ignite 2021H1 Recap

Heute mit Niklas, Oliver, Jan und Marco rund um die Ignite News

https://news.microsoft.com/ignite-march-2021-book-of-news/

Azure

Niklas Bachmann

https://www.linkedin.com/in/niklas-bachmann-66a863158/

  • Virtual WAN updates - User VPN and VMware SD-WAN Partnering
  • Scalable Bastion Service
  • Azure Backup Archive Tier Preview
  • Azure Private Marketplace GA
  • Azure Resource Mover GA
  • Azure Firewall Premium Preview
  • Azure Disks Performance Tiers

Collab

Marco Scheel

https://techcommunity.microsoft.com/t5/microsoft-teams-blog/what-s-new-in-microsoft-teams-microsoft-ignite-2021/ba-p/2118226

  • Meetings
    • Presenter View
  • Video Layouts
  • 1k interactive Meetings
  • Microsoft Teams Connect
  • Shared Channels based on B2B
  • Teams Multi Geo
  • Safe Links for Teams
  • Operator Connect (Calling + Conferencing)
  • Low Data Mode
  • Teams + Azure Calling Services
  • SharePoint Governance Reports (Anonymous Sharing Links)

Security

Jan Geisbauer

  • Security Kram eben die Show notes liest eh keiner

Windows

Oliver Kieselbach

https://www.linkedin.com/in/oliver-kieselbach-a4a3409/

  • 1 Application Reliability
  • 2 Restart frequency
  • 3 Productivity Score
  • Windows Update for Business improvements
  • 4 Driver and Firmware update policies
  • 5 Expediting Quality Updates
  • 6 Known Issue Rollback (KIR)
  • Delivery Optimization
  • 7 Cloud-based congestion detection -> prevent download storm -> service elects someone and then this device can be the super spreader
  • client min. 2004 -> cloud -> later this year
  • 8 Settings Catalog
  • 9 Defender + Tunnel App combined
  • 10 Setup Assistant iOS native MFA support -> henne ei trotzdem -> TAP
Mar 05, 202101:08:42
064 - Temporary Access Pass und VIVA
Feb 19, 202158:39
063 - Script that und Escalate it

063 - Script that und Escalate it

News

- Emotet

- Solarwinds

- OWA KI

- SharePoint OneDrive merged admin center - https://techcommunity.microsoft.com/t5/- microsoft-onedrive-blog/bringing-onedrive-settings-into-sharepoint-admin-center-for/- ba-p/2054894

- Request data move 30.04.2021!!! - https://docs.microsoft.com/en-us/microsoft-365/- enterprise/request-your-data-move?view=o365-worldwide

- Clubhouse

- Apple macht jetzt Kopfhörer

- Neue Website - https://hairlessinthecloud.com

- Microsoft Security 10 Mrd: https://www.microsoft.com/security/blog/2021/01/27/- microsoft-surpasses-10-billion-in-security-business-revenue-more-than-40-percent-year-- over-year-growth/

- Teams WebHook - https://marcoscheel.de/post/2021/01/- 20210127-microsoftteams-webhookupdate/

- Unified Labels with SPO Sharing - https://docs.microsoft.com/en-us/microsoft-365/- compliance/sensitivity-labels-teams-groups-sites?view=o365-worldwide

Marco

- Automation PowerShell, CLI, …

- Teams, SharePoint, Azure AD, AZ, Microsoft Graph SDK, …

- https://marcoscheel.de/post/2021/01/20210124-m365teamsbackup-aadapp/

- https://pnp.github.io/powershell/articles/upgrading.html

Jan

- Privilege Escalation in AAD: https://emptydc.com/2020/12/10/privilege-escalation-in-azure-ad/

Jan 29, 202153:03
062 - Tech Tabu Xmas Special mit GeekSprech

062 - Tech Tabu Xmas Special mit GeekSprech

Zusammen mit GeekSprech spielen wir Hardcore TechTabu.

Dec 18, 202054:06
061 - Oliver Kieselbach über Autopilot

061 - Oliver Kieselbach über Autopilot

oliverkieselbach.com

Dec 04, 202048:19
060 - Ragnar Heil streamt

060 - Ragnar Heil streamt

Ragnar Heil (Channel Account Manager EMEA Central bei Quest)

https://twitter.com/ragnarh

https://ragnarheil.de/

https://ragnar.blog/

Wer ist Ragnar Heil?

Ignite Ankündigung „MS Stream New Vision“

- Zurück zu SharePoint

- Gut oder schlecht? Deine Meinung

Microsoft Stream basierte Events

- Team Live Events vs Stream Live Events

Event Setup

- Software

- Hardware

- Tipps & Tricks

Links

https://streamyard.com/

https://obsproject.com/de

https://techcommunity.microsoft.com/t5/microsoft-stream-blog/a-new-vision-for-microsoft-stream/ba-p/1686304

Nov 27, 202053:34
059 - FritzBox2Sentinel und ProductivityScore
Nov 20, 202044:01
058 - Teams Display und Jupyter Notebooks

058 - Teams Display und Jupyter Notebooks

News:

Teams Display und Audio

https://techcommunity.microsoft.com/t5/microsoft-teams-blog/microsoft-teams-displays-now-available/ba-p/1810291

Jupyter Notebooks in Azure

https://docs.microsoft.com/en-us/azure/sentinel/notebooks

Nov 06, 202057:48
057 - EN - Defender for Office 365 with Pawel Partyka
Oct 28, 202055:27
056 - Ignite 2020

056 - Ignite 2020

Collaboration

- Stream stirbt und SharePoint lebt

- Meetings werden besser (Together Mode Backgrounds, Custom layouts, Breakout, …)

- Teams Federation in Gruppen Chats

- Meeting Teilnehmer immer auf Mute

- SharePoint File Sharing Guest expiration

- Info Protection (Group oder Datei) und SharePoint Sharing

- Exchange Email +Notation

- Teams Templates im Admin

- Teams Panels, Capacitiy

- Teams search

Links

https://techcommunity.microsoft.com/t5/microsoft-teams-blog/what-s-new-in-microsoft-teams-microsoft-ignite-2020/ba-p/1665600

https://techcommunity.microsoft.com/t5/microsoft-stream-blog/a-new-vision-for-microsoft-stream/ba-p/1686304

https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/what-s-new-in-security-and-compliance-in-sharepoint-and-onedrive/ba-p/1696705

Security

- MTP = Microsoft 365 Defender

- MDATP = Microsoft Defender for Endpoint

- OATP= Microsoft Defender for Office 365

- AATP = Microsoft Defender for Identity

The Azure Security Center solutions are rebranded accordingly:

- Azure Defender for Servers

- Azure Defender for IoT (cool CyberX stuff for OT)

- Azure Defender for SQL

- Microsoft Defender for Endpoint (fka: MDATP) now supports Android (GA) and iOS (Preview) and macOS is now supported with TVM.

Microsoft Threat Protection == Microsoft 365 Defender + Azure Sentinel + Azure Defender

Neue Attack Simulator Szenarien:

- Credential Harvest

- Malware Attachment

- Link in Attachment

- Link to Malware

Sep 25, 202052:47
055 - Vertrauen in die Cloud

055 - Vertrauen in die Cloud

News

- Tesla wurde gehackt - naja fast - https://www.zdnet.com/article/elon-musk-confirms-russian-hacking-plot-targeted-tesla-factory/

- Corona Update

- Computer Health: Monitor Placement / Setup - https://ergo-plus.com/office-ergonomics-position-computer-monitor/

 - top eye level

 - Tilt

- Teams Recording in DE und PowerAutomate! - https://techcommunity.microsoft.com/t5/microsoft-teams-blog/what-s-new-in-microsoft-teams-august-2020/ba-p/1619717

- Billige Meetings - https://www.microsoft.com/en-us/microsoft-365/blog/2020/09/08/3-deals-meeting-calling-experiences-microsoft-teams/

- Azure AD B2B Lizenzupdate 50k MAU free - https://azure.microsoft.com/en-us/pricing/details/active-directory/external-identities/

- Fluid Framework Open Source - https://fluidframework.com/playground

- MS Lists GA - https://techcommunity.microsoft.com/t5/microsoft-teams-blog/microsoft-lists-in-microsoft-teams-is-now-generally-available/ba-p/1621979


Grüße

- GeekSprech - https://geeksprech.de/geeksprech-podcast-folge-43-hairless-in-the-cloud-ist-schuld/

Vertrauen in die Cloud

- Apple, Google und/oder Microsoft?

- https://docs.microsoft.com/en-us/microsoft-365/compliance/encryption?view=o365-worldwide

- Wer hat den Key? Wer hat den Key erstellt?

- Service Encryption

 - Exchange Online, Skype for Business, SharePoint Online, and OneDrive for Business

 - Customer Key (aka Advanced Encryption with BYOK)

 - HSM or AKV

 - Availability Key

- Azure Information Encryption

 - Single file Verschlüsselung

 - RMS

 - BYOD

 - HYOK-DoubleKeyEncryption - Only Unified Labeling Client

 - https://techcommunity.microsoft.com/t5/microsoft-security-and/announcing-public-preview-of-double-key-encryption-for-microsoft/ba-p/1534451

 - Double Key Encryption helps organizations protect their mission-critical data - a small volume of their overall data.

- Customer Lockbox

 - Organisatorisch, technisch unterstützt und zertifiziert


Sep 15, 202055:27
054 - I like to move it - but you are not allowed to

054 - I like to move it - but you are not allowed to

NEWS

I LIKE TO MOVE IT

  • Mover.io (2019 gekauft)
  • "Alternativen"      SharePoint Migration Tool, ShareGate, AvePoint, …
  • Viele Anbindungen (14): S3, AZ Blob, Box, Dropbox, G Suite, Gdrive, O365, OneDrive

User vs Admin

Self Service Migration

  • OneDrive 2 OneDrive
  • DropBox 2 OneDrive
  • OneDrive 2 DropBox

Admin driven migration

  • Immer noch die Rede von       User!
  • User Mapping = Site Mapping       = Url 2 Url
  • Permission Mapping (upn =       upn) - damit auch B2B machbar?

UX

  • Anmelden an Service 1
  • Anmelden an Service 2
  • Auf jeder Seite den Ordner       wählen
  • Im Ziel auch anlegbar

Tech

  • 2 AAD Apps (alles       OIDC/Oauth)
  • Anmeldung an zwei Tenants in derselben Browser Session
  • Mover OneDrive (user consent)
  • Office 365 Mover (admin consent)
  • Keine "Lizenz"
  • Performance: Mein OneDrive 45k 106 GB = 12 stunden

Use Case

BUT YOU ARE NOT ALLOWED TO: Microsoft Endpoint Data Loss Prevention

  • Public Preview
  • Native built into Windows (in MDATP component and edge)

Compliance.microsoft.com

  • Sensitive Info Type: ex german passport number
  • AND Share Condition: Is shared with somebody inside or outside my org

Audit or restrict activities      on windows devices

  • Upload to cloudservices or       access by unallowed browsers
  • Copy to clipboard
  • Copy to USB
  • Copy to network share
  • Access by unallowed apps
  • Print

https://techcommunity.microsoft.com/t5/microsoft-security-and/announcing-public-preview-of-microsoft-endpoint-data-loss/ba-p/1534085






Aug 10, 202052:59
053 - Alles neu mit Christian Baumgartner
Jun 19, 202048:31
052 - Build 2020 und Windows 2004

052 - Build 2020 und Windows 2004

News from Build

Windows 2004

  • Graphic Card Temp in Task Manager
    • Only with dedicated GPU card
    • Only supported in Celsius
  • Rename virtual desktops
  • Reset from cloud
  • Win Taste und Punkt für Emojis Menü   
  • Windows Hello PIN in Safe Mode
  • Recover from the cloud
  • Restart Apps
  • Many Notepad features      
May 29, 202042:10
051 - Stephan Wälde und alle meine Token

051 - Stephan Wälde und alle meine Token

Stephan Wälde (Lead Cloud Architect bei der Glück & Kanja Consulting AG)
Twitter:
@stephanwaelde
Blog: https://stephanwaelde.com

Begriffserklärung

Access Token / bearer token

OAUTH

User vs. App

Besser Principal und Ressource Owner

Client != Device

Client eher Anwendung

Delegated vs App Permission

Basic

Ressource MS Graph

Ressource Owner

Client (Anwendung: Client ID)

Auth Server (AAD)


Access Token --> Resource

Refresh Token --> AAD

ID Token --> client

Username, Displayname, Email

Azure AD

PRT --> sso browser holt sich von OS

MSAL aware apps machen SSO

Enterprise Apps

Wie kann man die Tokens "anfassen"?

https://JWT.MS (ID und Access Token)

Fiddler

F12

Oder selber schreiben

Frage an Jan :)

RFC von OAUTH 2.0 https://tools.ietf.org/html/rfc6749


May 08, 202052:01
050 - Meetings everywhere und Attack Surface Rules

050 - Meetings everywhere und Attack Surface Rules

News

Attack Surface Reduction Rules 

https://techcommunity.microsoft.com/t5/microsoft-defender-atp/demystifying-attack-surface-reduction-rules-part-2/ba-p/1326565

Meetings Everywhere

  • Anbieter
    • Zoom
    • WebEx
    • Skype
    • Google
    • Meet
    • Hangouts
    • Facetime?
    • Blue Jeans
    • GoToMeeting
    • Discord, Twitch, Mixer
    • Microsoft Teams
    • Free Version
    • Commercial


Apr 24, 202052:38