Entra.News #22: Your weekly dose of Microsoft Entra
Watch all the neat demos and training for Entra Private Access, Internet Access and ID Governance plus more from the community
👋 Greetings, this is Merill bringing you the twenty-second issue of entra.news. Catch up on the latest Microsoft Entra news from around the globe.
Enjoy!
⚡️ Microsoft
📖 Read
Microsoft Incident Response lessons on preventing cloud identity compromise • Matt Zorich
Using device state for an improved SSO experience on browsers with blocked third-party cookies • Emily Lauber
Sending Your MSAL Telemetry To Azure Application Insights • Den Delimarsky
📺 Watch
🌐 Global Secure Access (SSE)
Microsoft Entra Private Access protections for on-premises & private cloud network resources (9 mins) • Microsoft Mechanics • Ashish Jain
Identity-centric Internet Access protections (9 mins) • Microsoft Mechanics • Camila Martins
Troubleshooting Deep Dive on Microsoft Entra Internet Access (1 hr) • The Microsoft 425Show • Thomas Detzner, Nick Wryter
👮‍♂️ ID Governance
Improve your security posture with Microsoft Entra ID Governance (½ hr) • Microsoft Security • Mark Wahl, Jairo Cadena, Jef Kazimer
Microsoft Entra ID Governance Workflow Customizations Deep Dive (1 hr) • The Microsoft 425Show • Alexander Filipin, Jef Kazimer
🚔 Permissions Management
Real World Lessons Learned from 18 months of CIEM implementations in the Enterprise • Bailey Bercik, Mark Morowczynski
🥷 Security
Level up your identity protection: Building an ITDR practice for modern business (½ hr) • Microsoft Security • Chris Ayers
Leveraging Microsoft Entra ID (Azure AD) to counter Token Theft (½ hr) • Microsoft Security • Paul Garner
From the community…
☀️ Read
👮‍♂️ ID Governance
Secure your landing zone with PIM • Paul Sanders
📦 Apps
Difference between Entra ID Enterprise Apps and App Registrations • Lukas Beran
How familiar are you with Entra ID App Registration and Enterprise App Security? • Sander Berkouwer
Protect your multi-tenant applications from being hijacked by admins in the customer tenant • Vasil Michev
🔑 Authentication
What problem do passkeys solve? - Modern Workplace Blog • Kenneth van Surksum
Migrate MFA and SSPR Policies to the Converged Authentication Methods Policy • Shehan Perera
Embark a Microsoft Entra Passwordless Journey with SailPoint Workflow • Tracy Yu
🤖 Automation & DevOps
Entra ID introduces lastSuccessfulSignInDateTime property • Tony Redmond
We can finally report on last successful login timestamp in Entra ID • Vasil Michev
Get Last Successful Sign-in Date Report for Microsoft 365 Users • Kavya
Microsoft Graph API Endpoint Adds Last Successful Sign-In Date Time • Brad Wyatt
Create an Inactive M365 User Report with Microsoft Graph PowerShell • Daniel Bradley
Mastering PowerShell Graph API: Easy-to-Follow Insights • Alex Asplund
Keep Track of new ServicePlans in M365 Licenses • Andres Bohren
🚦 Conditional Access
Conditional Access Policies and Breakglass Account Exclusion • Tony Redmond
Secure Emergency Access: Create and Manage Microsoft Entra Emergency Accounts with YubiKey • Oliver Müller
🏙️ Multi-Tenant Organizations
Entra ID Cross Tenant Synchronization: What, Why & How? • Manish Periwal
🥷 Security
How to Prevent Users From Accessing The Microsoft Entra Portal • Daniel Bradley
🧰 Workload ID
Microsoft Entra Workload ID - Threat detection with Microsoft Defender XDR and Sentinel • Thomas Naunheim
⚒️ Toolkit
ROPCI: This tool helps identify MFA gaps in your Entra configuration that allow API access through ROPC • Johann Rehberger
📺 Watch
Last Successful Sign In (Graph API - Beta) (7 Mins) • RioCloudSync
Microsoft Entra Private Access - initial configuration first look! (12 Mins) • Dean Ellerby MVP
👨🏽‍💻 Merill’s corner
→ How to find out when a user last signed into Microsoft 365
This new Graph update is going to make MANY of you happy! You no longer need to trawl through the sign-in logs to find the last successful sign-in of a user. The property is now available directly on the user object 👇
⚡user.signInActivity.lastSuccessfulSignInDateTime⚡
❗One important note: The data for this property will not be backfilled and will only start recording sign-ins after 1 Dec 2023.
Learn more on the Microsoft Graph - signInActivity resource type page.
PS: I never imagined making a whole infographic for just one new property 😂
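An added example, not from the newsletter or from Microsoft: a stale-account check over user objects that respects the no-backfill note above, so an empty lastSuccessfulSignInDateTime is not misread as "never signed in". The sample users, the status names and the 90-day window are assumptions made for illustration.

```python
from datetime import datetime, timedelta, timezone

# Per the note above: no backfill, recording starts 1 Dec 2023 (midnight UTC assumed).
RECORDING_START = datetime(2023, 12, 1, tzinfo=timezone.utc)


def parse_graph_time(value):
    """Parse a Graph timestamp such as 2024-01-15T08:30:00Z (None stays None)."""
    return datetime.fromisoformat(value.replace("Z", "+00:00")) if value else None


def classify_user(user, now, stale_days=90):
    """Return 'active', 'stale', 'stale-inferred', 'never-succeeded' or 'no-data'."""
    window = timedelta(days=stale_days)
    activity = user.get("signInActivity") or {}  # may be missing or null
    last_ok = parse_graph_time(activity.get("lastSuccessfulSignInDateTime"))
    if last_ok is not None:
        return "active" if now - last_ok <= window else "stale"
    created = parse_graph_time(user.get("createdDateTime"))
    if created is not None and created >= RECORDING_START:
        return "never-succeeded"  # whole account lifetime is covered
    # Older account with no value: any success predates 1 Dec 2023. That only
    # proves staleness once the recording period itself exceeds the window.
    return "stale-inferred" if now - RECORDING_START > window else "no-data"


def report(users, now, stale_days=90):
    """Map userPrincipalName -> classification for a list of Graph user dicts."""
    return {u["userPrincipalName"]: classify_user(u, now, stale_days) for u in users}


# Constructed sample, shaped like Graph user objects with userPrincipalName,
# createdDateTime and signInActivity selected. Not real tenant data.
SAMPLE_USERS = [
    {"userPrincipalName": "alice@contoso.example", "createdDateTime": "2021-03-02T10:00:00Z",
     "signInActivity": {"lastSuccessfulSignInDateTime": "2024-05-28T07:12:44Z"}},
    {"userPrincipalName": "bob@contoso.example", "createdDateTime": "2022-08-19T09:30:00Z",
     "signInActivity": {"lastSuccessfulSignInDateTime": "2024-01-10T16:05:00Z"}},
    {"userPrincipalName": "carol@contoso.example", "createdDateTime": "2020-01-07T12:00:00Z",
     "signInActivity": {"lastSignInDateTime": "2023-10-01T08:00:00Z",
                        "lastSuccessfulSignInDateTime": None}},
    {"userPrincipalName": "dave@contoso.example", "createdDateTime": "2024-02-15T11:45:00Z",
     "signInActivity": None},
]

if __name__ == "__main__":
    print(report(SAMPLE_USERS, datetime(2024, 6, 1, tzinfo=timezone.utc)))
```

Review "stale-inferred" and "no-data" accounts against the sign-in logs before disabling anything, since the property alone cannot say what happened before recording began.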
→ Active Directory Account Lockout vs Entra ID ‘Smart’ Lockout
There are some things we need to unlearn when we move to the cloud. Account lockout is one such thing. 👇
Entra ID smart lockout helps lock out bad actors that try to guess your users' passwords or use brute-force methods to get in. Smart lockout can recognize sign-ins that come from valid users and treat them differently than ones of attackers and other unknown sources. Attackers get locked out, while your users continue to access their accounts and be productive.
Read more at Prevent attacks using smart lockout
I am baffled that I am battling msft to get customers to adopt entra iga. Customers tell me, "we already spoke with msft and they said our iga requirements are too complex for entra, they said we should look at saviynt or SailPoint". It becomes a hard sell when the vendor says otherwise. I am someone from the MIM background; we made MIM do things msft said were not possible. I feel strongly that entra iga is ready for prime time including complex iga requirements; the extensions option is great for customization.
So what's up with msft sales? Is it that the sales tech support team is not experienced in iga or msft does not yet believe in the iga product?