Correlating Defender for Endpoint and Global Secure Access Logs

Correlating Defender for Endpoint and Global Secure Access Logs

If you are working with Microsoft security solutions, you might have heard of the new kid on the block called Microsoft Global Secure Access. Being a blue teamer myself, I asked myself how we can use this new Secure Service Edge solution - and specifically the Internet Access logs - to make our detections better.
6 min read
MDE GSA Global Secure Access Kusto
Entra ID Private Access with private integrated storage accounts

Entra ID Private Access with private integrated storage accounts

In the past couple of weeks, I worked on a project where I needed to provide access to a securely private integrated Azure Storage Account via the Entra ID Private access profile. During this project I encountered a very interesting bug, that made me better understand the insights of how Global Secure Access works.
6 min read
Global Secure Access Azure Private Access Troubleshooting