Microsoft's new Unified Tenant Configuration Management (UTCM) looks promising for drift monitoring, but doesn't fit the bill for point-in-time security assessments.

How security professionals can leverage Claude Code's extensibility framework to enforce deterministic security checks on AI-generated code, treating AI coding assistants like any other developer on the team.

A technique for fingerprinting which third-party email services organisations have authorised through their Proofpoint Hosted SPF implementation.

A comprehensive guide to Microsoft Sentinel Data Lake as at October 2025

A cautionary tale about vibe coding utilities that combine synchronous and asynchronous code.

US Federal civilian executive branch agencies using Microsoft 365 must choose between complying with CISA's SCuBA requirements or following industry best practice for email authentication. They can't do both.

How to set up the mitre-mcp server on Windows to give Claude direct access to MITRE ATT&CK framework data for threat intelligence and security analysis.

How to use PowerShell to parse and analyse JSON data from APIs and exports, transforming complex nested structures into structured reports ready for analysis.

Pondering Microsoft's recent Autodiscover service changes, and the information that remains publicly accessible for M365 email security reconnaissance.

How to connect the Azure MCP server to Claude Desktop for direct access to Azure resources, enabling Claude to help with Azure development and operations.