Entra.News #34: This week in Microsoft Entra
We look at, not one, but two new conditional access features. New trust direction options come to Entra Domain Services an upcoming Apple Device auth webinar and more!
👋 Hi, Merill here with this week’s round up of the latest news on Microsoft Entra from around the globe 🌍.
This week we look at, not one, but two 2️⃣ new conditional access features. New trust direction ↔️ options come to Entra Domain Services, an upcoming Apple Device auth webinar and more!
🎉 Congratulations to all the new and renewing MVPs, especially our friends who have been featured on Entra.News over the past year!
Enjoy!
⚡️ Microsoft
🏆 Generally Available
General Availability - Identity Protection and Risk Remediation on the Azure Mobile App • What's new in Microsoft Entra ID
New premium user risk detection, Suspicious API Traffic, is available in Identity Protection • What's new in Microsoft Entra ID
🔥 Public Preview
Prompt users for reauthentication on sensitive apps and high-risk actions with Conditional Access • Alex Weinert
Conditional Access: Device code flow and authentication flows • Microsoft Learn
Create a two-way forest trust in Microsoft Entra Domain Services with an on-premises domain • Microsoft Learn
📖 Read
Microsoft's Security Service Edge Solution - Deployment Guide for Microsoft Entra Internet Access - Proof of Concept • Microsoft Learn
Refreshed Identity and Access Management Cloud Adoption Framework (CAF) documentation • Daniel Söderholm
Zero Trust: Rapid Offboarding with Intune and Microsoft Entra ID • Jason Cody
Migrating Identity and Access Management scenarios to Microsoft Entra from Microsoft Identity Manager • Microsoft Learn
microsoft/Security-101 - Cybersecurity for Beginners – a curriculum • Sarah Young
📆 Upcoming Events
Apple Device Auth | Goodbye KeyChain, Hello Secure Enclave - 6 March 2024, 9:00am PST • Register at aka.ms/AppleDeviceAuth/Register
From the community…
☀️ Learn
🚔 Permissions Management
🛍️ External ID - Customers
Authenticating with Entra External ID for Customers (CIAM) with the device code flow • Rory Braybrook
Where do I go from Identityserver4? • Rory Braybrook
⛑️ ID Protection
5 Practical Usages of PIM for Groups Explained • Shehan Perera
Microsoft Entra ID Protection • Flavio Meyer
👮♂️ ID Governance
6 Essential UAR Processes To Improve Cyber Compliance - CHARBEL NEMNOM - MV • Charbel Nemnom
Powershell Connector for EntraID • Suryendu Bhattacharyya
🌐 Global Secure Access (SSE)
📦 Apps
🔑 Authentication
Introduction to TAP • Nicklas Olsen
Secure your Microsoft 365 access with hardware tokens • Michele Blum
TAP & Autopilot: Make Deployment Easy! • Nicklas Olsen
🤖 DevOps & PowerShell
Time Running Out for AzureAD and MSOL PowerShell Modules • Tony Redmond
Intune – Update your scripts to use a registered Entra ID application ID • Benoit Hamet
How to Clone Microsoft 365 Service Settings Using Microsoft365DSC • Admin Droid
Querying the Microsoft 365 Unified Audit Log datamart via the Graph API • Vasil Michev
The pitfalls of Microsoft Graph PowerShell SDK • Flavio Meyer, Michele Blum
🚦 Conditional Access
Protect your users from Device Code Flow abuse • Fabian Bader
A new, must-have Conditional Access policy • Thijs Lecomte
Top things that you might not be doing (yet) in Entra Conditional Access • Guillaume Bossiroy
Require Sign-in Every time a user activates role membership in Entra ID • Suryendu Bhattacharyya
Require Re-authentication for Registering Security Info (Adding Authentication Method) in Entra ID • Suryendu Bhattacharyya
Conditional Access Now Supports Reauthentication on Sensitive Apps & High-Risk Actions • Office 365 Reports
🖥️ Devices
Secure your access to AVD with hardware tokens • Michele Blum
Citrix DaaS – Entra ID SSO with PRT and without FAS • Julian Jakob
Different Methods to Intune Windows Devices Enrollment • Benoit Lecours
🏙️ External ID - Guests & Multi-Tenant Organizations
How to Automate Guest Account UserType Updates in Microsoft Entra with PowerShell • Shaun H
External Sharing Domain Sync • Alexander Holmeset
📈 Reporting and Insights
Microsoft Releases Entra ID License Utilization Insights • Tony Redmond
Reporting Soft-Deleted Entra ID Objects • Tony Redmond
🥷 Security
Weaponization of Token Theft – A Red Team Perspective • Edwin David
Using WDAC to ingest missing MDE events and detect token stealing • Robbe Van den Daele
Entra ID monitoring - are you doing the basics? (Part 2) • Michael Duddington
Meet Silver SAML: Golden SAML in the Cloud • Tomer Nahum, Eric Woodruff
🎙️ Podcasts
Microsoft Graph scopes giving attackers high hopes - Cloudfirst Podcast • Marius Sandbu, Marius Solbakken Mellum
Seamless Traveller Experience - Verify This • Gillian Jones
📺 Watch
Think You Can “Trust” Microsoft Entra, Watch This First! (8 min) • Dean Cefola
Azure DevOps Workload Identity Federation with Azure Overview. NO MORE SECRETS! (22 min) • John Savill
Conditional Access: Authentication flows (Public Preview) (5 min) • Rio Hindle
Block Personal Computers with Conditional Access in Microsoft 365 (9 min) • Jonathan Edwards
Running processes in the cloud with CLI for Microsoft 365 • Albert-Jan Schot
AKS Workload Identity - Quick Tutorial (12 min) • Azure Kubernetes Service (AKS)
👨🏽💻 Merill’s corner
🪃 Acknowledgement of Country
Entra.News is created on Wurundjeri land and acknowledges the traditional owners of country throughout Australia, recognising their continuing connection to land, water and community. I pay my respect to them and their cultures and to elders both past and present.