Visualize User and App Access Connections in Azure | Cross post from Microsoft Sentinel Blog
One of the key tenets for Azure security is the user account ... A user account can be a member of a group, have Active Directory roles assigned to them...
We put out a guest blog on the Microsoft TechCommunity Sentinel Blog, be sure to check it out!
...One of the key tenets for Azure security is the user account. Not exactly a new concept there, but what can be more informative to people that are just jumping into Azure is how far that can extend. A user account can be a member of a group, have Active Directory roles assigned to them (either permanently or temporarily through Azure PIM), own devices, and have different levels of permissions to using applications like SharePoint. A user can be included or, more importantly, excluded from the controls of a Conditional Access Policy...
The blog includes advanced KQL, Sentinel Notebooks, PyServa and more.
Great collaboration with the team and more to come soon!