Deep security commentary and research notes on Microsoft 365, Intune, Defender, Entra ID (logs included), patch state, CVEs, and Purview, plus behind-the-scenes posts on Senserva Trustworthy AI.
Product updates and commentary from the Senserva team, spanning the full Microsoft 365 stack and the broader IT and security industry.
This month's Patch Tuesday post is a living page: we keep it updated as the fixes and exploitation data roll out.
A story from decades in patching: the bank whose unpatched servers an attack shut down, the three ways machines miss patches, and patching by priority. Full essay on Substack.
Microsoft's largest Patch Tuesday on record: 622 CVEs, including 56 Critical, and three zero-days, two exploited in the wild (AD FS and SharePoint). What to patch first, and how to prioritize a record month on KEV and EPSS.

Thirty years of the same finding, from Windows NT at 3M to Microsoft 365 today: broken Conditional Access, standing admin, Anyone links, leaked client secrets, dormant CVEs. The problems, the easy fixes, and the risk of waiting.
From Senserva product development: the three administrative relationships in Entra Agent ID, what Owners, Sponsors, and Managers can each do, where each attaches in the agent object chain, and Graph API C# examples for assignment and for auditing ungoverned agents.
From the Senserva Dev team: where patch posture data comes from in Intune and Defender, which threat intelligence feeds earn their place (CISA KEV, EPSS, MSRC, SSVC, exploit evidence), and the engineering lessons from joining them into one ranking.
Microsoft rewrote its Windows update guidance: AI-discovered vulnerabilities are compressing the time from patch release to exploitation, so deferral windows measured in weeks are over. What the new numbers are and how to hit them without breaking your fleet.
33 updates, 244 CVEs, 15 Critical. One month after the June release: which vulnerabilities gained exploit activity, what the data says now, and the checklist to run before the July 14 Patch Tuesday.
A Critical Windows Server 2019 and Windows 10 DHCP vulnerability with an unusually high 48% exploit probability. The Patch Tuesday updates that fix it, and how to decide what to patch first.

The three questions every security team is asking, and the road map they map to: seeing the whole Microsoft picture, patching ranked by real-world exploitation with live CVE and KB pages, and audit-ready CMMC evidence by design.
Free, no-login trackers for actively exploited CVEs (CISA KEV), Microsoft Patch Tuesday, end-of-life products, and 12,000+ CVEs and KBs, ranked by real risk, with JSON and RSS feeds.

Scan up to 50 Microsoft 365 tenants, up to 100 users each, any seat S1 to E7, for $600 a month or $6,500 a year. Built for MSPs and multi-tenant teams.

A CVE scan returns hundreds of findings, and CVSS alone cannot tell you what to fix first. Rank by CISA KEV and EPSS, tie patches to devices, and make it a defensible plan.
Two free, searchable lookup tables for the Microsoft world: a patch tracker and a CVE reference, cross-linked, built from MSRC and CISA feeds.

CISA BOD 26-04 retires the CVSS score and tells agencies to patch by risk. See the four-factor model, the three-day clock, and how Senserva already ranks with KEV and EPSS.
Service principals sign in with no human, no MFA, and no sign-in friction. Here is what makes one risky in Entra ID, and how to find the dangerous ones.

MFA Microsoft Security Conditional Access Intune Microsoft Entra A.I. Audit What the 2026 Verizon DBIR Means If You're in a Compliance or.

Senserva Senserva AI HOME-BLOG What Happens When a Tester Meets Senserva Trustworthy AI Clay Babcock Apr 21, 2026 We've been running.

Microsoft Senserva micrsoft misa Security Drift TOP-BLOG Microsoft's UTCM APIs: A Massive Win for Configuration Drift Management, And Why.

Today we're launching something that changes the game. Not with hype, not with buzzwords, but with something the security industry.

A Note from Clay: We're excited to welcome back Rod Trent as a guest contributor to the Senserva blog. For those who don't know Rod, he's a.

Senserva Microsoft Security Security Drift Cybersecurity Mark Shavlik AI Everyone's Deploying AI, Nobody's Validating Security Clay Babcock.

Senserva AI meta-cognitive Telco Teaching AI to Know When It Doesn't Know Clay Babcock Dec 8, 2025 We've been thinking a lot about trust.

Senserva Achieves Microsoft Sentinel Integration Approval: Completing the Three-Legged Stool Clay Babcock Dec 3, 2025 Entra ID. Intune.

Why MSPs Across 4 APAC Countries Are Racing to Solve the Configuration Drift Crisis Clay Babcock Nov 21, 2025 Last week's webinar with.

Microsoft Software Engineering shavlik Senserva Software Development Mark Shavlik Looking back: Mark Shavlik's Microsoft Journey Mark.

Azure Security Partner Microsoft Senserva Intune micrsoft misa Security Drift Real Talk from the Channel: Gino Barletta on the.

Integration Partner Azure App Service Security Microsoft Microsoft MISA Conditional Access Security Drift The Partnership Model That's.

MSSP Sentinel MISA Microsoft Sentinel Microsoft MISA Microsoft Security Microsoft Entra Security Drift Cybersecurity Webinar Recap: MSPs.

Senserva Cybersecurity When $2.6 Billion Goes Up in Smoke: The Cyberattack No One Saw Coming Clay Babcock Oct 2, 2025 How configuration.

Azure App Service Azure Lighthouse Why Senserva’s Azure Lighthouse Approach Is a Security Game-Changer Rod Trent Sep 29, 2025 Why.

Since announcing our Insurance Compliance Inquisitor program, I've been getting detailed questions about our process. People want to.

The Hidden Crisis in Cyber Insurance Clay Babcock Sep 12, 2025 Why I'm Soft-Launching the Senserva Insurance Compliance Inquisitor (And Why.

Azure Security Cloud Security MSSP Sentinel MISA Microsoft Security How Senserva is addressing the “Too Small to Target” Security Myth.

Microsoft Powershell Reddit Bridging PowerShell and C# for Advanced Microsoft Security Automation Mark Shavlik Aug 19, 2025 Hello, fellow.

Software Engineering general security Software Development Why Removing Legacy Software is Crucial for Security TJ Dolan Aug 13, 2025 In.

Azure Security Zero Setup Senserva is offering a Zero Setup plan for Drift Manager. We do all the work for you. Glenn Adolph Aug 5, 2025.

Cloud Security Senserva Microsoft Security Security Drift When Cyberattacks Hit Home: Lessons from the Saint Paul Incident Clay Babcock Aug.

Security Drift Drift Management: The Perfect Complement to Infrastructure as Code (IaC) Rod Trent Jun 24, 2025 Maintaining consistency and.

Intune Security Drift Understanding and Mitigating Security Drift in Microsoft Intune Managed Devices Rod Trent Jan 23, 2025 Enhancing.

security passwords Microsoft Entra Embracing the Future: The Shift Towards a Passwordless World Rod Trent Dec 17, 2024 Why Going.

security Microsoft Security Microsoft Entra Security Drift Security Drift in Microsoft Entra: Challenges and Mitigation Strategies Rod.

The Cumulative Impact of Incremental Changes on Security Posture: A Major Cause of Security Drift Rod Trent Nov 11, 2024 One concept that.

Combating Security Drift: Proactive Measures for Long-Term Security Rod Trent Nov 4, 2024 Maintaining robust security protocols is a.

Proactive Strategies: How Continuous Monitoring and Training Can Mitigate Security Drift Rod Trent Oct 28, 2024 Maintaining a robust.

Human Behavior and Security Drift: Employee Actions That Can Compromise Security Rod Trent Oct 21, 2024 The importance of robust security.

Security Drift: The Silent Killer Rod Trent Oct 11, 2024 New threats often capture our attention with their immediate and visible impact.

I am thrilled to announce the finalists for the 5th annual Microsoft Security Excellence Awards 2024, presented by the Microsoft.
Senserva and Bulletproof Solutions have announced a strategic partnership to develop and deliver industry-leading software solutions to.
At the time of writing this post, Azure AD contains 91 built-in administrative roles. These roles have varying degrees of power within.
Azure Active Directory has many components to it, with many features and capabilities. These different possibilities necessitate the.
If you've used Microsoft Sentinel, Azure Monitor, or Log Analytics Workspace (LAW) for more than a few minutes, you've inevitably come.
If you've been looking around in the Azure portal, you may have seen a newer blade in the menu named 'Authentication Methods' under the.

Today we'll be taking a look at Azure AD Conditional Access. Conditional Access is a feature of Azure AD Premium P1 and P2 that helps.

Today we'll be taking a look at Azure App Services and some of their features from a security standpoint. Azure App Services allow you to.

Senserva takes your security very seriously, as a trusted partner. As part of that security, the partners you work with need to also be.

Enabling MSP, MSSPs and customers to Run Their Own Azure Management Applications, Keeping all Data in Their Tenant Microsoft Azure provides.
Senserva is an easy-to-use, in-depth, customizable solution focused on helping MSSPs manage entitlement, configuration, compliance, and.

In previous blogs, we have already talked about the dangers of applications permissions used in app registrations. While they have their.
With great pleasure, we would like to introduce the open-source version of Senserva’s Azure Active Directory toolkit to help you secure.
Who is Senserva Senserva is the brainchild of Mark Shavlik. For those of you who have been in the industry for a while that may ring some.

Since the old age, applications that need to send emails through Exchange have always used a service account or a send connector to.
Run 650+ Microsoft 365, Intune, Defender, Entra ID, and Purview security checks against a free demo tenant, no cost, no agents.
Get startedPatching across Intune, Windows Autopatch, Defender, Azure, and your endpoint managers: see Senserva patching in action.
We use Google Analytics cookies to understand site traffic. No findings, scan data, or tenant data are sent. Privacy policy.