Blog Entries

07. 07. 2026 Antonio Cerullo Automation, Microsoft

Automating BIOS Password Management on Dell Laptops via SCCM (with 90-Day Rotation)

Why We Decided to Address This At some point while reviewing our endpoint security posture, we realized that BIOS protection was one of those areas we tend to take for granted rather than actually verify. This was the situation we encountered: • No BIOS password configured• Unrestricted access to BIOS settings• External boot still enabled…

Read More
30. 06. 2026 Paolo Seghetti Azure, Cloud, Microsoft, NetEye, NetEye Extension Packs, Unified Monitoring

New NEP Coming Soon: Monitor Your Office 365 Tenant Subscriptions with Confidence

Office 365 is a suite of online subscription services offered by Microsoft as part of the Microsoft 365 ecosystem. It includes capabilities for document creation and management, email, video conferencing, collaboration, and many other productivity services. The upcoming NetEye Extension Pack (NEP) is designed to monitor subscription-related information within your Office 365 tenant by leveraging…

Read More
23. 06. 2026 Francesco Belacca Azure, Microsoft

Keeping Microsoft Foundry EU Deployments Honest with eu-azfoundry-scout

TL;DR When designing GDPR-conscious AI workloads in Azure, the model name is not enough. The version matters, the region matters, the deprecation date matters, and the deployment type matters, too. For EU-bound workloads, the practical question is often this: which exact model versions can I deploy in European Azure regions using Data Zone Standard (DataZoneStandard)?…

Read More
19. 06. 2026 Davide Spano Entra, Microsoft

Decentralized Identity Systems Concepts

Today, most digital identity systems are built around a Central Identity Provider. That provider signs users in, stores key identity data, and often sits in the middle of every trust relationship between people, applications, and organizations. This model works, but it also creates several growing problems: This article explains: The Problems with the Current Model…

Read More
17. 06. 2026 Alessandro Romboli Microsoft

UEFI Secure Boot Nightmare

Scenario Secure Boot was always a long bet on the idea that the PC boot chain could be made boring, predictable, and resistant to tampering. When UEFI replaced the old BIOS model, Microsoft and the PC industry moved toward a world where firmware would check signatures before handing control to bootloaders, option ROMs, and operating…

Read More
25. 03. 2026 Davide Spano Azure, Entra, Microsoft

Global Secure Access with Microsoft Entra

This article expands on the topic introduced in my earlier blog post Secure Access to Applications with Azure, which focused on securing access to an on-premises web application using Microsoft Entra Application Proxy. Global Secure Access is Microsoft’s unified framework for securing access to private resources, Microsoft 365 services, and internet destinations through identity-aware controls….

Read More
03. 03. 2026 Alessandro Romboli Microsoft, UI

Veeam Backup ADFS Integration

Scenario Veeam Backup is widely used as backup software, especially on virtual VMware vSphere infrastructure. Together with the new version 13 of the product, the SAML Single Sign On (SSO) feature was introduced, which can be used to protect administrative access to the Veeam Backup console by delegating the admin authentication to an external Identity…

Read More
19. 12. 2025 Francesco Belacca Microsoft

The New .slnx Format for dotnet Solutions

.sln Is Dead, Long Live .slnx: Why This Tiny Change Matters for Your Pipelines Some months ago here I used file-based apps and dotnet run app.cs as an excuse to question when C# might realistically replace PowerShell in day-to-day operations. This time the trigger is less flashy, but just as impactful: the new .slnx solution…

Read More
05. 12. 2025 Davide Spano Azure, Microsoft

Azure DNS Private Resolver

Azure DNS Private Resolver is a managed service that enables you to resolve DNS queries for private DNS zones across Azure and on-premises networks, simplifying hybrid network architectures and removing the need for custom DNS servers or DNS forwarders hosted on virtual machines. This service reduces operational complexity and provides scalable, secure name resolution for…

Read More
04. 12. 2025 Antonio Cerullo Microsoft

Microsoft LAPS on Windows Server 2016: From Introduction to Installation

Preface Cybersecurity is one of the biggest challenges for IT systems engineers. In many companies, local administrator accounts on PCs share the same password during installation. Imagine a real-world scenario: malware enters the network, steals the local administrator password, and uses it to spread to dozens of machines. Within hours, every last bit of infrastructure…

Read More
03. 12. 2025 Alessandro Romboli Microsoft

Single Sign-On for Power BI Report Server

Scenario Power BI Report Server is widely used in company environments, where typically several Windows servers with different roles are deployed in an OnPremise Active Directory domain. In this blog, I’ll describe how to configure user single sign-on access to a Power BI Report Server: the underlying protocol for authentication will be Kerberos and its…

Read More
29. 09. 2025 Davide Spano Azure, Microsoft

Secure Access to Applications with Azure

One overarching goal in the IT industry is to enable authorized users to securely access company resources. The implementation that fulfills this general requirement will depend on several factors, some of which will become clear as the topic unfolds. This article gives a logical and historical overview of what Secure Access is, the use cases…

Read More
29. 09. 2025 Antonio Cerullo Microsoft

Migration from Windows 10 to Windows 11 for Enterprise Clients

Introduction With the End of Support (EOS) date for Windows 10 approaching (it’s set in fact for October 14, 2025), companies must urgently plan their transition to Windows 11, as Windows 10 will no longer receive security updates after that date. This means non-updated devices will be exposed to vulnerabilities and thus be non-compliant with…

Read More
12. 09. 2025 Francesco Belacca Azure, Microsoft, Power Platform

Bulk-assigning Power Apps to Flow Owners

TL;DR. Owner assignment on the Power Platform via the UI requires a lot of clicks. I use a small, idempotent PowerShell 7+ script that assigns co-owners to many cloud flows across many environments using az tokens and Flow Admin REST APIs. It filters by name prefix, checks existing permissions, retries on throttling, and runs on…

Read More
27. 06. 2025 Davide Spano Azure, Microsoft

Secure Network Integration for Secrets in Microsoft Azure

Scenario: Introduction Think of an organization that maintains most of its IT infrastructure on Azure. It applies a segmentation strategy by branch office, where the assets underlying each regional branch office are deployed to their specific landing zone subscription, i.e. SUB-BRANCH-A, SUB-BRANCH-B, etc. The landing zones share the same Microsoft Entra ID Tenant as their…

Read More

Archive