Entra π News #69 β This week in Microsoft Entra
π Learn about managing Entra ID role assignments with Entra ID Governance π, a new helper library π to extend Entra with custom claims π οΈ, updates to security defaults π‘οΈ, and more! π
π Hey everyone! Merill and Joshua here with your weekly update on the latest Microsoft Entra news from across the globe πβ¨.
This week, I (Merill) started posting again on my YouTube channel. Iβve shared a handful of videosβif you find them useful, please subscribe at youtube.com/@merillx!
Here are some of my recent postsβ¦
Enjoy!
This weekβs sponsor
Altered Security offers multiple Red Team courses with affordable and enterprise-like hands-on labs for both Azure and on-prem environments. Each course comes with an industry-recognized certification. We are the creators of the Certified Azure Red Team Professional (CARTP), CRTP, CRTE and more. You can choose the Azure Red Team path or opt for individual courses.
Our courses and labs are designed by experts who have more than a decade's experience of training and speaking at Black Hat USA, DEF CON and other respected conferences. Join more than 30K professionals from 130+ countries. Enjoy 20% OFF on all courses during our Black Friday promotions till December 2, 2024 (10:00 AM ET). No coupon code required.
β‘οΈ Microsoft
π General Availability
Manage Microsoft Entra ID role assignments with Microsoft Entra ID Governance β’ Joseph Dadzie
Integrate data from external sources into Microsoft Entra tokens using the Authentication Events library β’ Abdul Hakim, Harman Dhunna, Steven Soneff
Using Entra profile information in Azure DevOps β’ Andrew Brenner
Source IP anchoring with Global Secure Access β’ Microsoft Learn
πΒ Read
Meet Microsoft Entra at Ignite 2024: November 18-22 β’ Irina Nechaeva
Update to security defaults β’ Nitika Gupta
Chinese threat actor Storm-0940 uses credentials from password spray attacks from a covert network β’ Microsoft Threat Intelligence
7 cybersecurity trends and tips for small and medium businesses to stay protected β’ Scott Woodgate
Allow your customers to access your copilots by integrating Copilot Studio with Microsoft Entra External ID β’ Fabian Alves
πΊΒ Watch
425 Show | Going on a Zero Trust Journey? Microsoft is Here to Help! (46 min) β’ Join Tarek Dawoud, Clay Taylor and David Hoerster
Streamline Phishing-Resistant MFA Simplified Passkey Provisioning with Microsoft and Yubico (56 min) β’ Tim Larson, Erik Parkkonen
Get started with App governance - Microsoft Defender for Cloud Apps (6 min) β’ Microsoft Security
π£οΈ Message Center
π Upcoming Events
From the communityβ¦
π Most popular posts from last week
Test Yourself Part 1: Identity β’ Truls Dahlsveen
Entra ID Attack & Defense Playbook β 4th Anniversary β’ Sami Lamppu
All you need to know about the NEW Windows LAPS in Windows 11 24H2 (11 min) β’ Dean Ellerby
βοΈ Learn
π Authentication
Deep Dive into Microsoft Authenticator Passkeys for iOS β’ Jon Towles
Entra ID Microsoft Authenticator Registration campain β’ Andres Bohren
π€ DevOps & PowerShell
How to bypass Microsoft Graph PowerShell access restrictions β’ Daniel Bradley
Managed Identity Permission Manager β v. 1.0.0.2 is out! β’ Michael Morten Sonne
Automating Sign-In Analysis with PowerShell and Microsoft Graph β’ Christian Ritter
Practical Graph: How to Use Graph Schema Extensions β’ Tony Redmond
Connect to the Microsoft Graph API securely using a Function App and Azure Key Vault β’ Louis Mastelinck
π¦ Conditional Access
How to block TOR access on Corp devices by using Conditional Access in Entra ID β’ Henrik F. Wojcik
Four Practical Tools and Strategies for Success with Conditional Access Policies β’ Jasper Baes
No Country for Old Logins: How to Block, Lock, and Protect Microsoft 365/Entra with Conditional Access β’ Ilya G.
πΒ Credential Management
Why Are Per-User MFA Settings Available in the Entra Admin Center? β’ Tony Redmond
Enablement of Passkeys in Authenticator with no key restrictions β’ Daniel Bradley
Register FIDO2 Passkey in Entra ID on behalf of users with PowerShell β’ Andres Bohren
π₯οΈ Devices
Entra join only is a journey β are you on it yet? β’ Martin Himken
Automatically adding device to Entra ID group through a remediation script β’ Damien Van Robaeys
How to Seamlessly Connect Non-Azure AD Joined Devices to Azure Virtual Desktop (AVD) β’ Shaun Hardneck
Set Device Extension Attributes in Microsoft Entra ID β’ Charbel Nemnom
Windows 365 (and Azure Virtual Desktop) Conditional Access Deep-Dive β Sparrowtech β’ Julian Sperling
π Reporting and Insights
π₯· Security
Attack techniques for Entra ID grouped by MITRE ATT&CK Tactic β’ Stratus Red Team
Top Recommended Security Settings for Microsoft Entra ID: A Guide for M365 Admins β’ Sreejith Reghunathan Pillai
Hardening Entra ID β’ Truls Dahlsveen
π Tenant Configuration
How to Restore the Service Plan for a Microsoft 365 Product License β’ Tony Redmond
πΊ Watch
DEF CON 32 - Abusing Windows Hello Without a Severed Hand - (42 min) β’ Ceri Coburn, Dirk jan Mollema
Unlocking the Power of Microsoft Entra Suite! β’ Travis Roberts
Entra ID Admin? 5 Mistakes That You Should NEVER Make! (22 min) β’ Andy Malone
Unlocking Privileges: The Power of PIM in Cybersecurity (1 min) β’ Travis Roberts
Application Roles with Microsoft Entra External ID (14 min) β’ Daniel Krzyczkowski
Microsoft Entra ID Licensing: Free, P1, P2, and the Entra Suite Explained (9 min) β’ Travis Roberts
Navigating Entra ID Apps: Uncovering Risks, Misconfigurations, and Attack Vectors (41 min) β’ Anders Kristiansen
Revolutionize Your Identity Management with Entra ID Governance (58 min) β’ Adrian Amos
Entra PowerShell versus Graph PowerShell (98 min) β’ Aleksandar NikoliΔ
Introducing the Cloud Debugger and DefaultAzureCredentials deep dive (78 min) β’ Gregor Suttie (Azure Greg)
π¨π½βπ» Merillβs corner
πͺ Acknowledgement of Country
Entra.News is created on Wurundjeri land and acknowledges the traditional owners of country throughout Australia, recognising their continuing connection to land, water and community. I pay my respect to them and their cultures and to elders both past and present.