👋 Hi, Merill and Joshua here with this week’s round up of the latest news on Microsoft Entra from around the globe 🌍.

This week we have heaps of content to watch on phishing resistant authentication, conditional access, macOS podcast from PSU macAdmins plus a neat tool to check for gaps in your authentication posture.

Enjoy!

⚡️ Microsoft

🏆 General Availability

• Migrate ADAL apps to MSAL with enhanced insights • Neha Goel

📽️ aka.ms/DontGetPhished

YouTube playlist of phishing-resistant authentication training by the Microsoft Entra product group 👇

• Why phishing resistant authentication is important • Alex Weinert, VP Identity and Network Access Security

• Get started with phishing-resistant multifactor authentication • Ehud Itshaki, Principal Product Manager

• Phishing-resistant multifactor authentication methods available in Microsoft Entra ID • Keith Brewer, Principal Product Manager

• Windows Hello for Business and cloud Kerberos trust provisioning • Bailey Bercik, Senior Product Manager and Merill Fernando, Principal Product Manager

• Configure Windows Hello for Business for passwordless authentication • Bailey Bercik, Senior Product Manager and Merill Fernando, Principal Product Manager

• Configure Microsoft certificate-based authentication • Nick Wryter, Principal Product Manager, and Vimala Ranganathan, Principal Product Manager

• Configure user experience in Microsoft Entra certificate-based authentication • Vimala Ranganathan, Principal Product Manager

• Microsoft Entra Conditional Access authentication strength • Grace Picking, Senior Product Manager and Inbar Cizer Kobrinsky, Principal Product Manager

• Configure Conditional Access authentication strength policies • Inbar Cizer Kobrinsky, Principal Product Manager, and Grace Picking, Senior Product Manager

• Bringing passkeys into your passwordless journey • Erik Dauner, Senior Program Manager, Calvin Lui, Product Manager, and Mayur Santani

📖 Read

• Now available: Modernize your SAP environment with Microsoft Entra ID • Melanie Maynes

• Architectural considerations for identity in a multitenant solution • Microsoft Learn

• Connect Azure SQL Server via User Assigned Managed Identity under Django • Ringe Chen

• Conditional Access Policy support on Azure DevOps • Microsoft Learn

📺 Watch

• Insider Risk Condition in Entra Conditional Access (17 min) • Sophia Qureshi, Poulomi Bandyopadhyay

• Bridge the gap between Identity and Security teams. (1 min) • Microsoft Mechanics

🗣️ Message Center

• 26 Jul - MC837081 - Microsoft 365 admin center: Admins can no longer receive user passwords in email as of August 30, 2024 [🔺 Major change]

• 28 Sep - MC678069 - Migrate to the Authentication methods policy in Entra ID by September 30, 2025

📆 Upcoming Events

• Zero Trust in the Age of AI: Join our online event to learn how to strengthen your security posture on July 31, 2024 @ 10am PT • Vasu Jakkal

From the community…

☀️ Learn

👮‍♂️ ID Governance

• Using Entra ID Governance and Sentinel to assure user alignment with HR data • Christian Frohn

🌐 Private Access & Internet Access (GSA)

• Tenant Restrictions Made Easy with Global Secure Access • Matej Klemenčič

🔑 Authentication

• The End of Passwords? Embrace the Future with Passkeys. • Guillaume Bossiroy

• Phishing-resistant MFA basics • Derk van der Woude

🤖 DevOps & PowerShell

• The Maddening Side of the Microsoft Graph PowerShell SDK • Tony Redmond

🚦 Conditional Access

• Enhancing Security with Idle Session Timeout in Microsoft 365 • Shaun H

🖥️ Devices

• From Intune to EntraID – Add custom data to the Extension Attributes • Ugur Koc

• MacOS and Certificate Based Authentication • Maxime Guillemin

• How to: Sign-in as an administrator on Entra ID joined devices via TeamViewer • Michele Blum

📈 Reporting and Insights

• Adding Cost Center Reporting to the Microsoft 365 Licensing Report • Tony Redmond

🥷 Security

• Abusing PIM-related application permissions in Microsoft Graph - Part 1 • Emilien Socchi

• The Security Principle Every Attacker Needs to Follow • Elad Shamir

• Sympathy for the devil, empathy for the Identity professional • Sander Berkouwer

⚒️ Toolkit

• FindMeAccess • Ryan McFarland

FindMeAccess is a tool useful for finding gaps in Azure/M365 MFA requirements for different resources, client ids, and user agents. The tool is mostly based off Spray365's auditing logic. The goal is to provide a streamlined way to quickly check gaps in coverage, as well as obtain tokens.

🎙️ Podcasts

• Episode 373: PSU Mac Admins • Tom Bridge, Marcus Ransom, Michael Epping

📺 Watch

• Why Your Conditional Access Policies Are Failing [5 Major Pitfalls] • Ru Campbell

• Permission to Hack You: Illicit Consent Grant Attack • John Hammond

• How to automatically rotate your BitLocker recovery keys every 30 days (34 min) • Steve Weiner

• External Identities Hub Architecture - User Authentication with Verifiable Credentials (12 min) • Daniel Krzyczkowski

• How to Deploy Risk-Based Policies with Microsoft Entra ID (9 min) • Rio Hindle

• PowerShell Performance Tweaks - MS Graph Edition (90 min) • Christian Ritter

👨🏽‍💻 Merill’s corner

🪃 Acknowledgement of Country

Entra.News is created on Wurundjeri land and acknowledges the traditional owners of country throughout Australia, recognising their continuing connection to land, water and community. I pay my respect to them and their cultures and to elders both past and present.