About me

Hi, I’m Adrijan Demirovic. Most people just call me Adi ☺️.

I’m a Microsoft-certified Cybersecurity Strategy & Service Development Leader  with over 17 years in overall IT. I started my career where things either worked or they didn’t. Windows servers, networking, firewalls, hybrid environments that had to function because there was no abstraction layer to hide behind. That background still shapes how I think about security.

I’ve worked across public sector, healthcare, global enterprise, government and regulated environments where compliance isn’t theoretical. It’s contractual. Over time, my role evolved from hands-on engineering into enterprise architecture, consulting, and product leadership. I’ve led Microsoft E5 security implementations, helped build managed detection and response services, supported NIS2 and ISO 27001 alignment, and worked closely with SOC teams, architects, engineers, and business stakeholders. But titles don’t matter much. Outcomes do.

What I care about is security that survives contact with reality.

I’ve seen beautiful architectures collapse under operational pressure. I’ve seen organizations buy every security product available and still miss the fundamentals. I’ve also seen small, well-structured environments outperform large enterprises simply because they focused on clarity instead of complexity.

For the past decade, my focus has been the Microsoft ecosystem. Microsoft 365, Azure, Defender, Sentinel, Intune, XDR, identity-centric security, Zero Trust. Not as a checklist of tools, but as a system. Controls aligned with risk. Automation that reduces noise instead of creating more of it. Governance models that people can actually live with.

Today, I work at the intersection of architecture and product thinking. Translating regulatory requirements into operational systems. Deciding which controls truly matter and which are just expensive comfort blankets. Balancing security posture with cost, usability, and business reality.

This blog is where I think out loud.

Here I document what I build, test, break, automate, and rethink. You’ll find content ranging from foundational configurations to deep dives into PowerShell automation, API integrations, detection engineering, and architectural trade-offs. I’ll also share insights on new Microsoft security releases and real-world testing results that go beyond marketing slides.

Sometimes the topic will be simple.
Sometimes it will go deep into scripting and edge cases. Both matter. Security should be understandable, testable, and operational. Not just compliant on paper.

If you’re working with Microsoft security technologies, whether you’re just getting started or designing enterprise-scale solutions, I hope something here saves you time, challenges your assumptions, or helps you build something more resilient.

Contact

If you did like to contact me, please send me DM on Linkedin: https://www.linkedin.com/in/demirovic/