Newsletter #4 2024

Published on: February 25, 2024


First of all, thank you for subscribing and reading the EndpointCave security newsletter.

I feel honored that you will join me on the journey of this bi-weekly Security Newsletter! My goal is to deliver valuable security content directly to you and your inbox.

But I need your help, do you have any valuable content that needs to be shared with the community? Did you create a security blog post or did you find a security-related news item that needs to be mentioned in my upcoming newsletters?

Please send me a message. You can contact me on X (Twitter) or LinkedIn.

The community has created a lot of content. In this newsletter, I reviewed about 125 items this time. I selected 26 community blogs and 4 videos. I also highlighted the following items:

  • Become a Microsoft Defender for Cloud Ninja
  • Finding Scopes for Microsoft Graph commands
  • Device Code flow authentication



Become a Microsoft Defender for Cloud Ninja

The Defender for Cloud Ninja training content has been updated. To become a Microsoft Defender for Cloud Ninja, you will need to complete each module. The content of each module will vary, refer to the legend to understand the type of content.

More information: Click here

Finding Scopes for Microsoft Graph commands

finding the required permission scopes for and command can be frustrating.  And, to make matters more difficult, the Find-MgGraphCommand cmdlet returns all valid scopes, not limited or broken into a least privilege model (read vs write).

To help ease that burden, you can use this script. You can add as many cmdlets as you want, one per line, to find all of the required scopes for your Graph PowerShell session.

More information: Click here

Device Code flow authentication

It seems that Microsoft has started rolling out the Conditional Access features (in preview) that allow you to restrict Device Code flow authentication. It isn’t available in all tenants yet, so the rollout of this preview feature is probably still ongoing.

More information: Click here

Security topics to watch

Microsoft Entra Verified ID: A Comprehensive Guide!

In this video guide, Peter delves into the intricacies of **Microsoft Entra Verified ID**, a powerful managed service for **verifiable credentials**. Whether you’re an IT professional, developer, or simply curious about digital identity, this tutorial has something for you!

Click here to view the video on YouTube

Improve your identity governance posture

In the same amount of time that it takes to drink a coffee, how much do you think you can improve your organization’s identity security and compliance? A lot. This webinar demonstrates how Microsoft Entra ID Governance makes that possible.

Click here to view the video on YouTube

The Ultimate Guide to Securing Microsoft 365!

In this episode, Andy will take you from Zero to Hero in his latest security guide designed to bulletproof your environment. Hacking unfortunately is a multi-million dollar industry that’s focussed on one thing. Ruining your life or your business. Well, say no more! It’s time to fight back and in this episode, Andy will show you some simple tips and tricks that you can use that will vastly improve your security in Microsoft 365. From identity tips including multi-factor authentication to conditional access. We’ll then look at securing your devices with Defender for Endpoint and then ensuring that those nasty phishing emails, attachments, and links have nowhere to go. So as he says enough is enough. It’s time to fight back.

Click here to view the video on YouTube

Lock Down Your Microsoft 365: Your Essential Security Policies

How do you secure your Microsoft 365? Here are 13 essential security policies for Microsoft 365 security, including conditional access policies.

Click here to view the video on YouTube

Blogs from the community

This is the end of this newsletter. Thank you for reading the Endpoint Security newsletter, I hope you have found valuable content that you can use.

Do you have any feedback? Please feel free to share your thoughts and suggestions with me for future editions. Any valuable content of blogs that I need to monitor or share.  Please send me a message. You can contact me on X (Twitter) or LinkedIn.

Kind Regards,

René Laas – MVP

Subscribe or follow me


Receive the bi-weekly newsletter directly in your mailbox

Followon XSubscribeto RSS Feed

Latest blog posts