Entra 🆔 News #68 → This week in Microsoft Entra
🔍 Learn about the latest enhancement in Microsoft Authenticator, ✍️ sign up for webinars from the Microsoft product group on 🔑 passkey provisioning, 🔐 Zero Trust workshop ➕ more!
👋 Hi, Merill and Joshua here with this week’s roundup of the latest Microsoft Entra news from around the globe 🌍.
I'm excited to share that a project I've (Merill) been working on as part of my day job at Microsoft is about to go live in the coming weeks. To learn all about it, sign up for the "Going on a Zero Trust Journey? Microsoft is Here to Help!" session, scheduled for October 30, 2024, at 8:00 AM PT. See below for more details.
There’s some invaluable content from the community this week, especially new tools and must-watch YouTube videos.
Enjoy!
⚡️ Microsoft
🔥 Public Preview
The latest enhancements in Microsoft Authenticator • Nitika Gupta
📺 Watch
Best Practices for How to Manage All Your Access from the Cloud - SANS CloudSecNext Summit 2024 • Bailey Bercik, Jef Kazimer
📆 Upcoming Events
October 29, 2024, at 9:00 AM PT - Streamline Phishing-Resistant MFA: Simplified Passkey Provisioning with Microsoft and Yubico Microsoft and Yubico will explore the seamless adoption of phishing-resistant multi-factor authentication (MFA) through Microsoft’s new Entra ID passkey (FIDO2) provisioning APIs. Designed for enterprises and agencies worldwide, these APIs empower organizations to deploy security keys quickly and effectively, ensuring robust phishing-resistant authentication from Day 1 while facilitating recovery options.
October 30, 2024, at 8:00 AM PT - 425 Show: Going on a Zero Trust journey? Microsoft is here to help!
Are you one of the many customers on a Zero Trust security transformation journey to secure your organization end to end? Do you need help finding where to start, what to do next and how to measure progress and success? Join Tarek Dawoud, Clay Taylor, Enrique Saggese, and David Hoerster from the Microsoft Security Customer Experience Engineering team to learn about the Microsoft Zero Trust Workshop framework that is available to all and provides a structured way to assess where you are and to plan where to go next across the various pillars of Zero Trust such as Identity, Devices, and Data.
From the community…
🚀 Most popular posts from last week
The keys to the kingdom: how attackers can use FIDO2 passkeys against you • Max Rozendaal
Evaluating PIM's Effectiveness • Brandon Colley
Another deadline, another deep dive! Legacy MFA authentication methods deprecation. • Per-Torben Sørensen
🔥 Maester
Test Yourself Part 1: Identity • Truls Dahlsveen
☀️ Learn
📦 Apps
How to correctly use access tokens and ID tokens in your client application • Adam Matthews
Client Credentials - Client Certificate • Robbe Van den Daele
🔑 Authentication
How to Force Users to Sign in Weekly • Tony Redmond
🤖 DevOps & PowerShell
Managed Identity Permission Manager • Michael Morten Sonne
Grant Graph API Permission to Azure Automation System assigned Managed Identity • Vladimir Dronov
Get-UnifiedGroup – Manage Microsoft 365 Groups • Rudy Mens
Converting Device Groups to User Groups (and Vice Versa) Using Microsoft Graph API • Jannik Reinhard
Microsoft Graph Doesn’t Support Custom Attributes for Groups • Tony Redmond
🖥️ Devices
Support tip: Always unenroll from MDM when unjoining and rejoining Microsoft Entra hybrid devices • Intune Support Team
Jamf Pro + Intune: A Powerful Duo for Device Compliance • Somesh Pathak
Enabling Phishing Resistant MFA on macOS for admins and disabling SSPR for the whole tenant • Rahul Jindal
How to Disable Remember multifactor authentication on trusted devices • Ali Tajran
🥷 Security
Entra ID Attack & Defense Playbook – 4th Anniversary • Sami Lamppu
Cyber back to school: Microsoft Token Theft Unveiled • Robbe Van den Daele
♻️ Sync
How to Set Directory Synchronization Features with the Graph • Tony Redmond
📒 Tenant Configuration
Report license usage rights with Microsoft Graph PowerShell • Daniel Bradley
Microsoft Releases Beta Version of New Cloud Licensing Graph API • Tony Redmond
🛍️ External ID - Customers
End-to-End Full-Stack Web Application with Azure AD B2C Authentication: A Complete Guide • Naveed Kharadi
Configuring an Entra External ID application directly from Visual Studio • Rory Braybrook
⚒️ Toolkit
Managed Identity Permission Manager • Azure Managed Identity Permissions Tool, a new PowerShell tool that simplifies and streamlines the management of Managed Identity permissions in Azure (Entra ID).
Himmelblau - Himmelblau is a Samba Team project that adds support for Linux authentication to Microsoft Azure Entra ID via PAM and NSS modules.
Stratus Red Team - Stratus attack techniques for Entra ID
📺 Watch
Abandoning Active Directory: Can Entra ID Be the Future? (16 min) • Chris Bower
Hidden In Plain Sight: (Ab)Using Entra's AUs - BSides Toronto (28 min) • Katie Knowles
Gone in 60 Seconds… How Azure AD/Entra ID Tenants are Compromised - Cloud Village (37 min) • Sean Metcalf
Bridging Worlds: Linux and Azure AD (23 min) • David Mulder (openSUSE)
All you need to know about the NEW Windows LAPS in Windows 11 24H2 (11 min) • Dean Ellerby
One Auth to Rule them All: Centralizing Authentication with Azure and API Gateway (37 min) • Filippos Karailanidis
9 Ways Microsoft 365 Can Help Achieve Cyber Essentials (8 min) • Jonathan Edwards
How to Authenticate onto Meraki WiFi with Microsoft Entra ID (Native) (8 min) • Meraki Minute
🪃 Acknowledgement of Country
Entra.News is created on Wurundjeri land and acknowledges the traditional owners of country throughout Australia, recognising their continuing connection to land, water and community. I pay my respect to them and their cultures and to elders both past and present.