One of the more confusing Azure Virtual Desktop issues is when a session host drops out of the host pool and refuses to register again. ![AVD](/assets\img\2026-06-16-AVD-reregister-hostpools\01.pn...

Azure DDoS Protection can be useful, but in many environments it is simply an unnecessary extra cost. If nobody should enable it, then the simplest solution is Azure Policy with ‘deny’. In this ca...

If I had to pick the part I hate most about SPN-based integrations, it would be the secret. Rotation is consistently problematic: applications pick up the wrong version, keep using a cached old one...

How Can I Steal Your Data with Azure Private Endpoints I will present this session at BSidesBUD on April 29, 2026. BSidesBUD is an international IT security conference, which makes it the right p...

How Can I Steal Your Data with Azure Private Endpoints I will present this session at Global Azure 2026 in Madrid on April 18, 2026. Azure Private Endpoints are a powerful way to reduce exposure ...

If you want to control where Azure AI model inference can run, blocking only Global deployments is a good start, but it is not the full governance story. In many environments, the real requirement...

Corrected policy The original logic had two issues. First, ipRangeContains cannot be used as a policy operator here, it must be evaluated as a function inside a value expression. Second, the curre...

If your organization operates in Europe, using Azure AI is not only a technical decision. It is also a data residency decision. This matters a lot when teams start deploying models in Azure AI Fou...

The VM access always a pain point in Enterprise environments, mostly when we talk about productive environments. Until now, the username and password were the primary method for accessing Azure VMs...

I summarized the corrected, error-free PowerShell command sequence based on the latest Microsoft Graph SDK (v2+) syntax. This process creates the application, assigns the Sites.Selected permission,...