/tags/hardening/ Recent content in Hardening on securityminded Hugo en-us Wed, 08 Apr 2026 17:36:38 -0400 /posts/blocking-harmful-user-agents-with-defender-for-cloud-conditional-access/ Wed, 08 Apr 2026 17:36:38 -0400 /posts/blocking-harmful-user-agents-with-defender-for-cloud-conditional-access/ <h2 id="summary">Summary</h2> <p>An often overlooked control that your organization may already pay for, but underutilize, is Defender for Cloud Apps + Conditional Access policies. These are surprisingly effective, straightforward to set up, and granular once you get a handle on the process. In my cloud apps hardening journey, I found that this specific use case (and many more!) are not well documented or laid out as clear as they could be in Microsoft documentation. Instead of paying a third-party for their bespoke product, you can leverage the capabilities of MDCA and conditional access to act as a reverse proxy for your Entra ID user authentication traffic.</p>