Field Notes

Notes from the ridge.

Running TIL notes, a ranked directory of the sources worth watching, and whatever's currently open on the desk — Azure, identity, and security, mostly.

TIL

Today I Learned

running notes worth remembering

Entra ID cross-tenant token protection is now GA in Conditional Access — always validate requirementProvider claims in staging before broad rollout.

entra identity

Azure Policy audit effect flags non-compliance but never blocks — swap to deny on critical controls inside landing zone scaffolding.

azure governance

Defender XDR now correlates MCAS signals with Defender for Endpoint telemetry — noticeable drop in alert fatigue for tenants over 5k seats.

defender m365

Ranked Watch Sources

web-only favourites sorted by trust and popularity signals

Currently Reading / Watching

what's open on the desk right now

Zero Trust Networks Gilman & Barth Book
Security Engineering Ross Anderson Book
Risky Business Patrick Gray Podcast Azure Friday Microsoft Video The Pragmatic Engineer Gergely Orosz Newsletter