I've been occasionally called upon to do more offensive security work.

Traditionally, the basic toolset would be Kali Linux in a virtual machine.

However, a few years ago it become possible to run it directly in Windows under WSL2, as a much neater and quicker approach.

Later, for an even lighter solution, Docker images of Kali became available.

Earlier this year, Apple released native containerisation support in MacOS, and running Kali containers on Macs becames an intriguing option.

Late last year I saw an unexpected UX failure when adding a new Microsoft Authenticator app as the MFA method. It appears that a few months later the issue still persists.

I've recently been running a few Kubernetes lab scenarios in Azure.

Usually I try to set such things up via Azure Powershell.

However this has been a learning experience of the feature disparity between Azure Powershell and Azure CLI.

I've recently come across "The Good Parts of AWS" by Daniel Vassallo and Josh Pschorr.

It's an enjoyable read and quite handy for the right audience, but some readers may want more.

Following on from the last few posts on Microsoft certifications, there are now several practical, hands-on alternative learning options in the new Applied Skills series.

Earlier this year Splunk launched a new Cybersecurity Defense Analyst certification, with more emphasis on Cybersecurity content, not only Splunk knowledge. This month the certification is out of the beta, and results are public. Most of the study material is freely available and the exam is inexpensive, making this potentially an attractive certification to have.

Following on from an earlier post, this post covers the Azure area of Microsoft certifications and how they may be of relevance from a security perspective.

Following on from an earlier post, this post covers the Security and Compliance area of Microsoft certifications and how they may be of relevance from a security perspective.

Following on from an earlier post, this post covers the MS365 area of Microsoft certifications and how they may be of relevance from a security perspective.

Having worked for Microsoft partners, and with Microsoft technologies, getting certified by Microsoft can be useful - however, like so many other vendors, Microsoft offers a large selection of certifications, and retires and launches new certifications on a regular basis.

Following on from an earlier post, this post is the first in a series of articles covering the overall MS certification offering and how it may be of relevance from a security perspective.

More details have been added for specific areas in the MS365, Azure, and Security and Compliance pages.