Remember the “good old days” of VPNs? You connect, and suddenly you have network visibility to the printer on the 4th floor, the coffee machine IoT controls, and that one server from 2003 nobody da...

Microsoft recently introduced a cool feature in Security Copilot that helps you deploy Conditional Access (CA) policies without the usual heart palpitations: Phased Rollout. If you’ve ever pushed ...

AI AI AI AI AI… So somehow we have to control these where, agents play a critical role in automating tasks, processing data, and interacting with systems. However, these non-human identities often ...

I know my Azure Local setup not a supported configuration, but for homelab and testing purposes it works fine for me. When I try to update it, the update check show some error with NetworkIntent. S...

Ignite 2025 just wrapped up, and while the headlines are screaming “AI Agents,” I’m actually relieved to see a ton of solid, “meat and potatoes” infrastructure updates. Yes, AI is cool, but if your...

As everyone know, Microsoft forced MFA for every user who want to access Azure portal. From my side I absolutely agree with this direction, I would say it is a must have for everyone. If you use on...

FinOps first step: create an assessment. Easy to say but if your organization has hundreds of subscriptions, you can’t do it manually. That’s why I wrote a KQL query that calculates how many CPUs y...

Continuing the Service Endpoint Policy Improvement series with an Azure Policy: this time, I want to enforce that whenever users enable a Storage Account service endpoint on a subnet, they must als...

With a service endpoint policy, you can limit access to Storage accounts. When you enable a service endpoint on a specific subnet, only the Storage accounts allowed by the policy are reachable. By ...

The Service Endpoint vs. Private Endpoint debate is a never ending story. I believe both have their place in the Azure ecosystem, and I use both, as each has its own advantages and disadvantages. I...