Graph API, PowerShell, GitOps, configuration as code, and CI/CD pipelines.
10 articles
Compare Intune security baselines against CIS benchmarks using a PowerShell export-and-diff workflow. Includes ASR deployment, deviation tracking, and a decision framework.
M365 E3 vs E5 decision framework for architects: TCO breakpoints, cost comparison scripts, and the rule for when E5 actually beats E3 plus add-ons.
Microsoft 365 tenant health audit checklist: detect orphaned groups, expired app secrets, CA policy sprawl, and SharePoint chaos with Graph API scripts.
Production-ready PowerShell scripts for M365 tenant assessment via Microsoft Graph API. Covers discovery, identity auditing, security posture, governance, and licensing.
Automated M365 licensing audit using Microsoft Graph API and PowerShell. Covers SkuPartNumber lookups (including Teams Exploratory), identifying unused Copilot seats, and reclaiming licences from disabled accounts still holding E5.
The application catalogue that maintains itself, pulling inventory from Graph API, classifying with AI, and surfacing your MSIX migration shortlist automatically.
How AI transforms Intune endpoint management with Copilot agents, automated policy configuration via APIs, and intelligent drift detection. Replace manual device configuration with agentic workflows.
Win32 vs MSIX vs Microsoft Store for Intune deployments. Covers MSIX trade-offs for legacy Win32 and COM apps, interoperability challenges, deployment rings, and a decision framework for choosing the right packaging format.
Configuration as Code for Intune with Microsoft365DSC. Version control, drift detection, and automated deployment using Git workflows, without becoming a developer.
How to build a repeatable, auditable Windows estate using Intune, Autopilot, and GitOps, and why it matters more than ever.
