👋 Hi, Merill and Joshua here with this week’s roundup of the latest news on Microsoft Entra from around the globe 🌍.

The big news this week - Group Source of Authority is now generally available and is a major step in Microsoft’s journey to help customers move to cloud-first identity management.

We also saw strong community discussions around service accounts, Conditional Access, and the new soft-deletion and recovery for cloud security groups, a small but powerful safeguard for admins.

🎧 On the podcast this week, Katie Knowles joined us for a fascinating conversation on securing Microsoft Entra. A must-listen for all defenders.

Hacking Entra ID: Bypassing AppLocks & Creating ‘Immortal’ Users

Merill Fernando

·

Nov 8

In this episode, I sit down with security researcher Katie Knowles to unpack the hidden layers of identity systems inside Microsoft Entra. We get into real-world attack paths like backdooring service principals, restricted administrative units that can accidentally create unstoppable accounts, and OAuth phishing in Copilot Studio.

Read full story

Enjoy!

Sponsored by:

🤠 Wrangle the Entra App Frontier with ENow

The Entra ID app landscape has turned into a wild frontier: sprawling apps, tangled permissions, and citizen developers spinning up new agents and their apps faster than you can lasso ’em.

That’s where ENow’s AppGov Score comes in:

• Surveys and benchmarks your Entra ID app governance

• Identifies stale/risky apps

• Flags risky permissions and credential expiry before breach/disruption

• Delivers an App Governance Report - your map to a safer, smarter tenant

You don’t have to corral this Entra app chaos alone; there’s a whole community willing to help. Take the reins, spot risks on the horizon, and ride with confidence knowing your Entra environment is secure.

Take the Reins With AppGov Score

⚡️ Microsoft

🏆 General Availability

• Driving cloud-first identity: User SOA is now Public Preview and Group SOA is Generally Available • Joseph Dadzie

• Azure Container Registry now supports Microsoft Entra Attribute-based Access Control (ABAC) • Johnson Shi

📖 Read

• Microsoft Entra ID Protection scenario for mastering risk analysis for effective remediation • Microsoft Learn

🗣️ Message Center

• MC1183299 - Microsoft Entra: Soft deletion and restoration for cloud security groups

• MC1097225 🔺 - Entra ID: Upcoming changes to support passkey profiles in the authentication methods policy (preview)

From the community…

🚀 Most popular posts from last week

• 🥇We Have To Talk About Service Accounts! • Debug Privilege

• 🥈Beware including “My Sign-ins” in Conditional Access policies • Rakhesh Sasidharan

• 🥉Some policies I use in Conditional Access • Lewis Barry

Sponsored by:

“EasyEntra Has Transformed Our Daily IT Operations”
If onboarding a hybrid user takes 20 minutes and senior tech keeps getting dragged into first-line support, perhaps the problem is not your support team. It’s their tools.
Unlock a new level of IT efficiency for your entire organization.
EasyEntra streamlines your AD + M365 management by:

✅ Automating onboarding and offboarding.
✅ Consolidating management of users, mailboxes, and licenses.
✅ Stopping escalations of (what should be) simple helpdesk tickets.

Trusted by organizations worldwide:
“One of the best products I’ve used” – Mirick Law, US
“It feels almost like a revolution” – Arjeplog Municipality, SE
“This is the best software ever” – Core Healthcare, US

No infrastructure changes. No security changes. One-minute installation.

Free 30-Day Trial

☀️ Learn

👩‍✈️ AI & Copilot

• 📺 Why You Should Start Using Microsoft Learn MCP Today (7 min) • Brian Veldman

👮‍♂️ ID Governance

• Finding and Cleaning Up Deleted Resources in Entra ID Access Packages • Christian Frohn

🌐 Private Access & Internet Access (GSA)

• Having trouble with the GSA client health check? Here is how to fix the most common errors! • Per-Torben Sørensen

📦 Apps

• Restrict App Consent and Permissions Microsoft Entra • Mark Oldham

• Microsoft Requires Admin Consent for Apps Accessing Exchange & Teams APIs • Blesslin Rinu

• 📺 Entra Apps: Hunting Certificates & Secrets (23 min) • BlueScreen Brothers

🔑 Authentication

• Microsoft Edge just fixed a big passkey problem • Jorge A. Aguilar

• The Passwordless Paradox: Why Haven’t More Companies Adopted Windows Hello for Business? • Andrew Cooke

• 📺 This is how NOT to do MFA 😬 • Jonathan Edwards

👥 User & Group Management

• Restore Deleted Cloud Security Groups in Microsoft Entra • Daniel Bradley

• Entra ID – You can now recover deleted cloud security groups (preview) • Benoit Hamet

• Microsoft Entra Adds Soft Deletion and Restoration for Cloud Security Groups • Ramya

🤖 DevOps & PowerShell

• The Good (OIDC), The Bad (Secrets), and The Bicep • Stephen Tulp

• A beginners guide to Microsoft Graph API rate limiting in Intune • Ben Whitmore

• Building Event-Driven Automations in Microsoft 365 Using Graph Subscriptions • Brad Wyatt

🚦 Conditional Access

• Diving into geo filter with Entra Conditional Access – Part 1 • Per-Torben Sørensen

• How to Restore Deleted Conditional Access Policies in Microsoft Entra ID • Praba

• Locking Down Conditional Access Policies: A Lesson in Entra ID Limitations • Manish Periwal

• Mastering Microsoft Entra Authentication Contexts - Part 4: Monitoring and Reporting with KQL & M365IdentityPo • Sebastian Flæng Markdanner

• 📺 425 Show | Using AI to optimize Conditional Access policies (45 min) • Jeff Bley

• 📺 Conditional Access in Microsoft 365 – Real-World Scenarios (25 min) • Jonathan Edwards

🖥️ Devices

• Migrate hybride identity to cloud native identity • Jan Mulder

• Intune bitlocker recovery key missing in entra id • Benoit Lecours

• 📺 New controversial Entra ID feature • Andy Malone

📈 Reporting and Insights

• Version 1.5 of the Microsoft 365 User Password and Authentication Report • Tony Redmond

🥷 Security

• Deploying Entra ID and Azure Attack Paths with BadZure • Mauricio Velazco

• Whitepaper: Securing Identities in the Microsoft Cloud | Google Cloud Security Community • Juraj S, Razvan Buliga, Ischa Rijff

• 📺 Deep-dive to Entra ID Token Theft Protection - Ekoparty 2025 (55 min) • Nestori Syynimaa

🛍️ External ID - Customers

• Sign in with username in Entra External ID (EEID) • Rory Braybrook

⚒️ Toolkit

• Automating Entra ID Documentation: From 10-Hour Marathon to a 3-Minute Export • Ugur Koc

• WatchTra: Attribute Compliance in Microsoft Entra ID • Oliver Müller

🔥 Maester

👨🏽‍💻 Merill’s corner

• Want to get featured on Entra.News? → Submit your content 😎

• Want us to say nice things about your company? Sponsor entra.news 🤩

• Love the newsletter? Tell us 💚❤️💜

🪃 Acknowledgement of Country

Entra.News is created on Wurundjeri land and acknowledges the traditional owners of country throughout Australia, recognising their continuing connection to land, water and community. We pay our respect to them and their cultures and to elders both past and present.