A sleek, closed silver laptop with a subtle Microsoft 365 security dashboard visible as a soft reflection on its brushed aluminum lid, resting on a clean, dark wooden desk. Around it lie a minimalist notebook with crisp white pages, a black metal security key, and a small, matte-finish router with tiny status LEDs glowing. Cool, diffused daylight from an unseen window washes across the surface, creating gentle highlights on metal edges and soft shadows beneath objects. Photographic realism with a calm, professional atmosphere, shot at eye level with a shallow depth of field so the laptop and security key are in sharp focus while the background fades into a smooth, neutral blur, evoking practical, modern cloud security work.

Arjan Sturing — Microsoft 365 Security Blog

About Arjan Sturing

Cloud, Identity & Endpoint Security Professional

I’m Arjan Sturing, a security specialist with 17+ years of experience in Microsoft technologies, cloud infrastructure, and modern IT environments.

My focus is on Microsoft 365, identity-based attacks like AiTM phishing, token theft, session hijacking, and MFA bypass techniques, as well as endpoint security and management with Microsoft Intune.

I help organizations understand how attackers really operate across identity and device layers—and how to defend against it in practice, not just in theory.

Through this blog, I share real-world attack scenarios and practical security insights for IT and security teams.

Featured article

Did you think MFA is the way to secure Microsoft 365? Then read this article!

Attackers increasingly bypass MFA using advanced phishing kits, token theft, and session hijacking. This article breaks down how these attacks work in real Microsoft 365 environments and what you can do to detect and stop them.

Read the article

Articles

Latest articles on defending Microsoft 365 environments.