Posts

HockeyGear - Canada's Answer to CISA's ScubaGear

  Hey there fellow Canadian! Do you happen to run a tenant? Perhaps you've heard of or even used ScubaGear before? Maybe you've wondered if there was a way to test your tenant against Government of Canada guidelines? Well, so did I. If Cybersecurity and Infrastructure Security Agency could have a dedicated application for testing Microsoft 365 tenants against governement security standards, then why shouldn't Canada? Hence, I introduce to you the Canuck equivalent: HockeyGear . What Exactly Is HockeyGear? HockeyGear is a Microsoft 365 tenant protection toolkit built specifically with Canadian public‑sector realities in mind. It audits, hardens, and reports against the same standards federal departments are expected to follow: ITSG‑33 , the GC Cloud Guardrails , and CCCS Microsoft 365 guidance . In other words, it gives Canadian administrators a way to validate their cloud posture against the rules that actually apply to them, not just generic best practices. If you’ve...

A New Face for Risky User Management in Microsoft Entra

Image
You may be familiar with the classic interface that Microsoft Entra once provided to enable administrators and responders the ability to view risky users. In June 2026, this feature got a major upgrade that I am very excited to share with you. The new Risky Users experience in Microsoft Entra provides a fresh new look to gaining visibility into users at risk, and more information that will enable responders to make the best decision. So what is the Risky Users experience? For those who are not familiar, Microsoft Entra analyzes and processes billions of sign-in signals from many different tenants. These signals help to build a greater picture of the threats that organizations face, and your organization is no different. Risky Users is a part of a much broader suite of tools in Microsoft Entra called: ID Protection. Through this suite, responders and analysts are able to understand as well as remediate accounts, sign-ins, and now AI Agents that may be susceptible to compromise. In parti...