Posts

Showing posts from March, 2024

Managing Threat Detection with Amazon GuardDuty

For those unfamiliar with Amazon GuardDuty, it is a fully managed, intelligent threat-detection service, powered by machine learning, that continually provides insights into unusual and/or unexpected behavioral patterns within your account that could be considered malicious. Amazon GuardDuty can process and analyze millions of events captured through your AWS CloudTrail, DNS, and VPC Flow Logs from a single account or multiple accounts. These events are then referenced against numerous threat detection feeds, many of which contain known sources of malicious activity, including specific URLs and IP addresses.

Amazon GuardDuty is continually learning, based on the day-to-day operations within your account, to differentiate between normal behavior and what could be considered abnormal behavior, allowing it to effectively indicate a threat within your infrastructure. This behavioral-based analysis allows GuardDuty to detect potential interactions and ...

Amazon Cognito Identity pools

The second primary component of Amazon Cognito is identity pools. These pools serve as a means to access AWS services by providing the necessary credentials. Through an identity pool, you can generate unique identities for your users, granting them temporary access credentials to AWS services. Examining the workflow depicted in Figure 15.2, you will observe that the user initiates the login process (typically through an application on their device) using a web-based IdP. After successful authentication with the web IdP, a GetId request is sent to Amazon Cognito for validation. Subsequently, the application proceeds with a GetCredentialsForIdentity request. Cognito, once again, validates this request. At this stage, Cognito communicates with Security Token Service (STS), obtaining a short-lived token for the authorized services associated with the application. Finally, Cognito returns the acquired token to the application, as illustrated in the following diagram: Figu...

Important announcement for Microsoft IT Professionals!

Starting March 30, 2024, Microsoft will deprecate the following three PowerShell modules:

1. Azure AD
2. Azure AD-Preview
3. MS Online

How this will affect your organization:
This change will affect your organization if you use any of these PowerShell modules.

What you need to do to prepare:
If you are currently using any of the deprecated modules, you will need to take action before March 30, 2024. Create a list of your scripts and upgrade them to Microsoft Graph APIs and Microsoft Graph PowerShell SDK to ensure continued support and functionality.

What happens after March 30, 2024:
After this date, the only support offered for these PowerShell modules will be support in migrating to Microsoft Graph PowerShell SDK. Only security fixes will be offered for these PowerShell modules after deprecation is announced. Once these modules are deprecated, they will continue to work for a minimum of six (6) months before being retired.

Thant Zin Phyo@Cracky (MCT, MCE, MVP)