As everyone know, Microsoft forced MFA for every user who want to access Azure portal. From my side I absolutely agree with this direction, I would say it is a must have for everyone. If you use on...

FinOps first step: create an assessment. Easy to say but if your organization has hundreds of subscriptions, you can’t do it manually. That’s why I wrote a KQL query that calculates how many CPUs y...

Continuing the Service Endpoint Policy Improvement series with an Azure Policy: this time, I want to enforce that whenever users enable a Storage Account service endpoint on a subnet, they must als...

With a service endpoint policy, you can limit access to Storage accounts. When you enable a service endpoint on a specific subnet, only the Storage accounts allowed by the policy are reachable. By ...

The Service Endpoint vs. Private Endpoint debate is a never ending story. I believe both have their place in the Azure ecosystem, and I use both, as each has its own advantages and disadvantages. I...

How can I steal your data with Azure private endpoints? Azure Private Endpoints are a powerful tool for enhancing network security when implemented correctly. However, like any technology, they ca...

How can I steal your data with Azure private endpoints? Azure Private Endpoints are a powerful tool for enhancing network security when implemented correctly. However, like any technology, they ca...

I just migrated my VPN from OpenVPN to Global Secure Access (GSA), so I thought I would share my experience with you. One of the most important things for me is to reach my HomeLab and Azure resour...

In Azure, we have “Virtual Network”, which is a software-defined network. With this network, you can do many things, including creating a Service Endpoint. A Service Endpoint allows you to extend y...

Did you know that you can use a central certificate for your Azure Application Gateway? You don’t need a Key Vault in every subscription—you can use a central Key Vault in a central subscription an...