👋 Hi everyone, Merill and Joshua here with your weekly dose of Microsoft Entra news from around the globe 🌍.

This week, we're focusing on some critical updates you need to know about.

Key Highlights:

• Azure MFA Phase 2: The mandatory MFA rollout is expanding in October to cover a wider range of services, including PowerShell modules and other DevOps workflows. It's time to start preparing your environments if you haven't already!

• Community Spotlight: There's a ton of great Conditional Access guidance being shared by the community. We've also got some really cool news about Maester that you won't want to miss.

• 🎙️ Entra Chat: Tune in to this week's episode with Jay Gundotra and Sander Berkouwer. They're on a mission to build a community and raise awareness about securing applications and non-human identities within Microsoft Entra.

The Hidden Risks of Non-Human Identities in Your Tenant

Merill Fernando

·

Sep 6

In this episode of Entra.Chat, I dive into the critical world of app governance with experts Jay Gundotra and Sander Berkouwer, who unpack the hidden risks of non-human identities in Microsoft Entra.

Read full story

Enjoy!

Sponsored by:

Secure Your Entra ID Apps Before a Storm Hits

The perfect storm is brewing as citizen development explodes, SaaS apps continue to sprawl (both in volume and permissions granted), and teams become more strapped for time. Applications integrated with Entra ID are increasingly becoming an attack vector. Don't miss your opportunity to get ahead of this risk with a strong application governance strategy.

Working with organizations, we’re regularly seeing:
· Default tenant settings leaving gaps
· SaaS sprawl + shadow IT + vibe coding = accelerating exposure
· Reactive Onboarding and inconsistent Offboarding
· Unclear ownership of the Application Governance discipline

Don’t wait for a security incident to gain control. Jumpstart your governance journey with your AppGov Score. It’s your first step to understanding and securing your Entra ID app environment.

Access Your 7-day Upgraded Trial

⚡️ Microsoft

🏆 General Availability

• QR code authentication in Microsoft Entra ID • Microsoft Learn

Unlocking Entra ID's NEW QR Code Sign-In. Fast & Simple Authentication!

Merill Fernando

·

May 2

This episode of Entra Chat features Anju Singh, a Product Manager at Microsoft in the Microsoft Entra Authentication Experiences team. We discuss the newest authentication method in Entra: QR codes!

Read full story

• Microsoft Entra ID Governance licensing for guest users - Microsoft Entra ID Governance • Microsoft Learn

• General Availability of Native Authentication JavaScript SDK • Sasha Mars

📖 Read

• Azure mandatory multifactor authentication: Phase 2 starting in October 2025 • By Joy Shah, Neha Kulkarni

🗣️ Message Center

• 05 Sept - MC1143999 - (Updated) Azure Information Protection: Enable multifactor authentication for your Azure tenant by October 1, 2025

• 04 Sept - MC1123830 - (Updated) Microsoft Entra: Action Required – Update Conditional Access Policies for Azure DevOps Sign-ins

From the community…

🚀 Most popular posts from last week

• 🥇Modern Server Management – Azure Arc RDP with Entra ID Authentication • Frank van Zandwijk

• 🥈Securing Entra ID with YubiKey: How to Set Up and Sign In with Your Security Key • Shaun Hardneck

• 🥉Step-by-Step Guide to API-Driven Inbound User Provisioning in On-Premises AD with Microsoft Graph • Sreejith Reghunathan Pilla

Sponsored by:

Tenant Manager - Multi-Tenant M365 Management

Managing multiple M365 tenants shouldn’t feel like copy-pasting policies or guessing what changed, clicking through every blade manually, and hoping nothing drifts. Tenant Manager gives a clear overview across all environments, with standardized onboarding, policy deployment, drift detection, instant backup & restore (critical for Cyber Insurance).

• A single view across all tenants

• Drift detection without scripting

• Rapidly deploy new tenants to industry baselines with a matter of clicks

• Instant backup, restore, comparison

• CIS Certified - check your tenant(s) against CIS benchmarks, deploy official policies in seconds

Most teams spend days setting up new tenants and still miss key policies. Tenant Manager cuts that to 30 minutes and keeps everything aligned after that.

Built for MSPs, enterprise teams, and anyone tired of managing M365 the hard way.

• See it here: https://bit.ly/45kJjHq

• Brought to you by Andrew Taylor and SoftwareCentral

  Watch the video

☀️ Learn

👩‍✈️ AI & Copilot

• Leveraging Lokka to Your Overhaul Microsoft Branding • Dustin Lepi

• Security Copilot Threat Intelligence Briefing Agent – Deep Dive • Sami Lamppu

🔑 Authentication

• Leveraging the CertificateUserIds Attribute to Enable Certificate-Based Logon for Privileged Accounts in Entra ID • Gabriel Delaney

• Per-user Entra ID multifactor authentication • Lars Lohmann

👥 User & Group Management

• Find Unused Licenses in Microsoft 365 Using PowerShell • Blesslin Rinu

• Set an Entra user’s photo from a web image • Vasil Michev

• 📺 Azure RBAC vs Entra RBAC - What is the Difference? • Shabaz Darr

🤖 DevOps & PowerShell

• Microsoft Deprecates Graph CLI and Toolkit • Tony Redmond

• Closing Microsoft Graph Gaps: My Feedback Portal Request Gains Top 3 in Just 4 Days • Michael Morten Sonne

• How to Update Entra ID Apps to Run Teams Cmdlets • Tony Redmond

🚦 Conditional Access

• Conditional Access Essentials: Authentication contexts + Secure PIM & Resource Access • Ewelina Paczkowska

• Protect Security Info Registration with Microsoft Entra Conditional Access and Microsoft Entra ID Protection • Oliver Müller

• "Help, I'm Trapped in a Conditional Access Policy Factory!" - How to Find Out Which Users Are Living Their Best Exclusion Life • JJ Milner

• 🔐 Evolving Security with Precision: New Advancements in Azure Conditional Access • Sameer Bhanushali

• How a Flawed Microsoft Conditional Access Template is allowing AiTM attacks to fly under the radar • John Fitzpatrick

• The Essential Guide to Microsoft's Conditional Access Recommendations • Alf Løkken

🖥️ Devices

• Announcing ISDF – Intune Stateful Device Fingerprinting • Graham Gold

📈 Reporting and Insights

• Entra Useless Insights Report • Eric Woodruff

🥷 Security

• 📺 Zero Trust Workshop! (11 min) • John Savill

• Microsoft’s Free Zero Trust Workshop to Build Stronger Defenses • Shanchana

♻️ Sync

• Entra: Retrieve Entra Connect Version Information • Will Francillette

• 📺 Top Microsoft Entra Security Features (19 min) • Niklas Tinner, Sebastian Flæng Markdanner

📒 Tenant Configuration

• Microsoft Limiting Onmicrosoft Domain for Email Sending • Rudy Mens

• 📺 Beginners Guide to Entra ID (10 min) • John Savill

• 📺 Hackers Hate THIS! Brand Your Microsoft 365 Portal Today (10 min) • Jonathan Edwards

⚒️ Toolkit

• Semperis/SAMLSmith - A tool for generating custom SAML responses and implementing Silver SAML and Golden SAML attacks • Semperis

• apitoken.tools - API Token Tools for Microsoft Entra • Robin Gaal

• What is Entra Docs Tracker? • Daniel Bradley

🎙️ Podcasts

• The Hidden Risks of Non-Human Identities in Your Tenant • Merill Fernando, Jay Gundotra, Sander Berkouwer

🔥 Maester

• MaesterDiff: Because Comparing Maesters Just Got Twice as Fun! • Roy Klooster

• Monitor your Azure Security with Maester • Brian Veldman

👨🏽‍💻 Merill’s corner

• Want to get featured on Entra.News? → Submit your content 😎

• Want us to say nice things about your company? Sponsor entra.news 🤩

• Love the newsletter? Tell us 💚❤️💜

🪃 Acknowledgement of Country

Entra.News is created on Wurundjeri land and acknowledges the traditional owners of country throughout Australia, recognising their continuing connection to land, water and community. We pay our respect to them and their cultures and to elders both past and present.