Entra 🆔 News #131 → This week in Microsoft Entra
Learn about Entra Account Recovery, minimizing Active Directory usage, passkey updates and more
👋 Hi, Merill and Joshua here with this week’s roundup of the latest news on Microsoft Entra from around the globe 🌍.
As we push further into 2026, the shift from legacy connectivity to identity-centric security is accelerating. To help you navigate this, our latest podcast episode features Christopher Brumm from glueckkanja. We discuss the gritty details of deploying Microsoft Entra Global Secure Access (GSA). If you’ve ever wondered what it actually takes to retire a corporate VPN or how to handle scaling challenges in a Zero Trust environment, this conversation is a good-listen.
Beyond the airwaves, this week’s digest is packed with essential updates and guidance on passkeys, Entra account recovery and more.
Enjoy!
Sponsored by:
Learn Azure Red Teaming with Altered Security
Start your Azure Red Team training with Altered Security! We offer multiple Red Team courses with affordable and enterprise-like hands-on labs. Each course comes with an industry-recognized certification. We are the creators of the popular Red Team certifications like Certified by AlteredSecurity Team Professional for Azure (CARTP), CARTE and more.Our courses and labs are designed by experts who have more than a decade’s experience of training and speaking at Black Hat USA, DEF CON and other respected conferences. Join more than 50K professionals from 130+ countries and 500+ organizations.
Get lifetime access to the course material and practice attacks in live Azure environments. CARTE bootcamp starts 7th Feb 2026.
⚡️ Microsoft
📖 Read
Phishing actors exploit complex routing and misconfigurations to spoof domains • Microsoft Threat Intelligence
🗣️ Message Center
From the community…
🚀 Most popular posts from last week
🥇Passkeys, NFC, and Microsoft Entra ID on Android: An Unexpected Breakthrough • Dr. Emin Huseynov
🥈How to Setup Conditional Access for Account Recovery • Daniel Bradley
🥉Passkeys: A Comprehensive Guide to Modern Authentication • Sameer Bhanushali
Sponsored by:
Microsoft 365 security doesn’t break. It drifts.
⚠️ Conditional Access exceptions linger.
🔑 OAuth apps accumulate permissions.
👤 Admin roles expand.
📉 Baselines are set once and never checked again.Overe.io helps MSPs, IT administrators, and security teams bring discipline to Microsoft 365 security at scale through guided security operations:
🔍 Assess identity, app, and configuration risk across tenants in seconds
🛠️ Harden with enforced security baselines and templates at scale
🧠 Detect AI-driven anomalies and meaningful posture drift
⚡ Respond with guided and automated remediation, not just alertsBuilt for managing dozens or hundreds of tenants without manual overhead.
Start a free trial and see the benefits in seconds
☀️ Learn
🧰 Workload ID
📺 Which Azure Managed ID Is Right For You? • Azure Academy
👮♂️ ID Governance
Entra IGA for dummies - Part 1 of 5 • Rojan Koc
Microsoft Entra Access Reviews: Governance for User and Guest Access • Oliver Müller
📺 Stop Individual Roles! 1-Click PIM for Groups (2026) (16 min) • Azure Brother
📦 Apps
Heads-up: Service Principal-less apps Retirement March 2026 • Frank van Zandwijk
🔑 Authentication
Passkeys and the Personal Phone Problem – An MFA Update for 2026 • Michael Mardahl
📺 How Passkeys Work (19 min) • Computerphile
👥 User & Group Management
Entra ID Rationalizes Session Revocation for User Accounts • Tony Redmond
Useful search filters in Entra ID you might not know (yet) • Jan Bakker
🚦 Conditional Access
Configuring Time-based Conditional Access Policies • Daniel Bradley
How to Configure Risk Remediation Control in Conditional Access Policy • Sruthy
🔐 Credential Management
🖥️ Devices
Streamline AVD Sign‑In With Microsoft Entra ID SSO • Michele Blum
🥷 Security
ConsentFix – The Quickfix • Michael Mardahl
OID-See: Giving Your OAuth Apps the Side-Eye • Graham Gold
Security That Scales: Designing Repeatable Azure Alerts with KQL • Jon Hope
Simple Security for Microsoft 365 • Brian Reid
Zero Trust in Entra Identity - Easy Monitoring Break Glass Accounts • Klaus Bierschenk
📒 Tenant Configuration
Entra ID Interactive Workshop Announcement • Mateusz Jendza
Introducing I.D.E.A. (and I.D.E.A #001) • Per-Torben Sørensen
🎙️ Podcasts
📺 Untangling Identity: From Active Directory to Entra ID with Eric Woodruff • The Security Repo
🔥 Maester
Want to get featured on Entra.News? → Submit your content 😎
Want us to say nice things about your company? Sponsor entra.news 🤩
Love the newsletter? Tell us 💚❤️💜
🪃 Acknowledgement of Country
Entra.News is created on Wurundjeri land and acknowledges the traditional owners of country throughout Australia, recognising their continuing connection to land, water and community. We pay our respect to them and their cultures and to elders both past and present.
Great roundup as always. The section on Global Secure Access deployment really caught my attention, especially the part about retiring corporate VPNs in Zero Trust environments. I've been working through similar challenges at my org, and the scaling issues are real when migrating from traditional perimeter security to identity-centric controls. The Altered Security sponsorship is timely too since thier red team courses help validate these new security postures against actual attack vectors.