Azure Insights: MFA Server; Inspec-Azure; Application Insights logging

Microsoft Azure pros share their thoughts on the new version of MFA Server, using Inspec-Azure for DevOps Pipelines and Application Insights logging.

Making sense of the new version of Azure Multi-Factor Authentication Server

Microsoft MVP Sander Berkouwer, writing on The Things That Are Better Left Unspoken, examined the release of version 8.0.5.1 of Azure Multi-Factor Authentication Server. Version 8.0.4 was released back in February, and the August update adds on-prem, IIS, ADFS and RADIUS authentication options.

Berkouwer noted a few key features in the new version. Cross-site request forgery prevention blocks an emerging form of malicious exploit, in which an unwitting target submits a web request they didn’t intend. These attacks are prevented through the User Portal. Together with a double submit cookie and encrypted token, Microsoft also changed the Content-Security-Policy header. This blocks malicious scripts from running in browsers visiting ADFS infrastructure.

Using Inspec-Azure in an Azure DevOps Pipeline