Fabian Bader
@fabian.bader.cloud
#Security #Azure #EntraID #XDR #MDE #Identity #M365 #AD #PKI #KQL
Microsoft MVP
Tweets and opinions are my own
Microsoft MVP
Tweets and opinions are my own
Microsoft Defender just got the September 2025 update
◽Improved core service startup behavior
◽ Security fixes for missing input validation of RPC services
◽Fixed threat exclusion handling
◽Restored performance optimization for network file access
learn.microsoft.com/en-us/defend...
◽Improved core service startup behavior
◽ Security fixes for missing input validation of RPC services
◽Fixed threat exclusion handling
◽Restored performance optimization for network file access
learn.microsoft.com/en-us/defend...
October 21, 2025 at 9:18 PM
Microsoft Defender just got the September 2025 update
◽Improved core service startup behavior
◽ Security fixes for missing input validation of RPC services
◽Fixed threat exclusion handling
◽Restored performance optimization for network file access
learn.microsoft.com/en-us/defend...
◽Improved core service startup behavior
◽ Security fixes for missing input validation of RPC services
◽Fixed threat exclusion handling
◽Restored performance optimization for network file access
learn.microsoft.com/en-us/defend...
Token Protection in Microsoft Entra Conditional Access for Windows is now GA! 🎉
#EntraID #Token
learn.microsoft.com/en-us/entra/...
#EntraID #Token
learn.microsoft.com/en-us/entra/...
August 22, 2025 at 4:56 PM
Token Protection in Microsoft Entra Conditional Access for Windows is now GA! 🎉
#EntraID #Token
learn.microsoft.com/en-us/entra/...
#EntraID #Token
learn.microsoft.com/en-us/entra/...
One of the results of the joined research with @dirkjanm.io is entrascopes.com
Basically the yellow pages for Microsoft first party apps.
#TROOPERS25
Basically the yellow pages for Microsoft first party apps.
#TROOPERS25
June 26, 2025 at 9:48 AM
One of the results of the joined research with @dirkjanm.io is entrascopes.com
Basically the yellow pages for Microsoft first party apps.
#TROOPERS25
Basically the yellow pages for Microsoft first party apps.
#TROOPERS25
Rerunning my test scenarios for the #TROOPERS25 presentation...
June 22, 2025 at 4:58 PM
Rerunning my test scenarios for the #TROOPERS25 presentation...
May 9, 2025 at 10:51 PM
Planning for some days off from work. What to put in the duffle back beside a good book and some sunscreen?
My new favorite card game of course.
#FOCI #FamilyOfClientID
My new favorite card game of course.
#FOCI #FamilyOfClientID
May 7, 2025 at 5:44 PM
Planning for some days off from work. What to put in the duffle back beside a good book and some sunscreen?
My new favorite card game of course.
#FOCI #FamilyOfClientID
My new favorite card game of course.
#FOCI #FamilyOfClientID
Application Based Authentication on Microsoft Entra Connect Sync is near. With this change you will be able to use a TPM backed certificate in Entra Connect Sync for authentication.
This is a welcome change to prevent the compromise of this high privileged account.
#Entra #Certificate
This is a welcome change to prevent the compromise of this high privileged account.
#Entra #Certificate
May 2, 2025 at 6:52 AM
Application Based Authentication on Microsoft Entra Connect Sync is near. With this change you will be able to use a TPM backed certificate in Entra Connect Sync for authentication.
This is a welcome change to prevent the compromise of this high privileged account.
#Entra #Certificate
This is a welcome change to prevent the compromise of this high privileged account.
#Entra #Certificate
Since it's already April, let's have a look at the top 10 passwords in Q1 2025. If yours is not part of the list, good for you 😅
April 4, 2025 at 3:11 PM
Since it's already April, let's have a look at the top 10 passwords in Q1 2025. If yours is not part of the list, good for you 😅
Transition to enhanced modeling of Threat Intelligence data in Microsoft #Sentinel by 31 July 2025
That's a tight schedule, better get started soon.
That's a tight schedule, better get started soon.
April 2, 2025 at 9:10 PM
Transition to enhanced modeling of Threat Intelligence data in Microsoft #Sentinel by 31 July 2025
That's a tight schedule, better get started soon.
That's a tight schedule, better get started soon.
Hope you enjoyed the game. Seems we are close by 😅
March 31, 2025 at 5:44 AM
Hope you enjoyed the game. Seems we are close by 😅
The MVP wall of names is always a nice experience. So many great people on there.
#MVPBuzz #MVPsummit
#MVPBuzz #MVPsummit
March 25, 2025 at 11:41 PM
The MVP wall of names is always a nice experience. So many great people on there.
#MVPBuzz #MVPsummit
#MVPBuzz #MVPsummit
Well, football yes but no coding
March 23, 2025 at 4:41 AM
Well, football yes but no coding
March 22, 2025 at 11:18 AM
Ever wondered what DNS, LDAP, Kerberos and TLS connections when you request a certificate in an on-prem environment with Certificate Enrollment Web Services in the mix? I certainly did at some point and found this nice diagram when "migrating" my drawing to draw[.]io
March 14, 2025 at 10:04 PM
Ever wondered what DNS, LDAP, Kerberos and TLS connections when you request a certificate in an on-prem environment with Certificate Enrollment Web Services in the mix? I certainly did at some point and found this nice diagram when "migrating" my drawing to draw[.]io
March 5, 2025 at 12:05 PM
March 5, 2025 at 9:19 AM
Which one did you own?
February 28, 2025 at 4:53 PM
Which one did you own?
🛡️If you work with any Microsoft Security product #YellowHat is the conference for you.
Technical deep dives, no marketing, and an amazing speaker lineup.
Register today to join the livestream for free on https://yellowhat.live/
#XDR #MDE #MDI #Sentinel
Technical deep dives, no marketing, and an amazing speaker lineup.
Register today to join the livestream for free on https://yellowhat.live/
#XDR #MDE #MDI #Sentinel
February 21, 2025 at 5:10 PM
🛡️If you work with any Microsoft Security product #YellowHat is the conference for you.
Technical deep dives, no marketing, and an amazing speaker lineup.
Register today to join the livestream for free on https://yellowhat.live/
#XDR #MDE #MDI #Sentinel
Technical deep dives, no marketing, and an amazing speaker lineup.
Register today to join the livestream for free on https://yellowhat.live/
#XDR #MDE #MDI #Sentinel
Good to see that Microsoft is highlighting this more prominent. Don't grant tenant root access to your global admins.
1️⃣Remove it
2️⃣Alert on it
Action required: 1 user has elevated access in your tenant. You should take immediate action and remove all role assignments with elevated access
1️⃣Remove it
2️⃣Alert on it
Action required: 1 user has elevated access in your tenant. You should take immediate action and remove all role assignments with elevated access
February 16, 2025 at 3:59 PM
Good to see that Microsoft is highlighting this more prominent. Don't grant tenant root access to your global admins.
1️⃣Remove it
2️⃣Alert on it
Action required: 1 user has elevated access in your tenant. You should take immediate action and remove all role assignments with elevated access
1️⃣Remove it
2️⃣Alert on it
Action required: 1 user has elevated access in your tenant. You should take immediate action and remove all role assignments with elevated access
