Microsoft Entra security is evolving and the way organizations think about identity protection needs to evolve with it. In this episode, I’m joined by Sean Metcalf, one of the foremost identity security experts in the industry, whose work has helped shape how many organizations approach securing both Active Directory and Microsoft Entra.
Sean shares the hardening steps many teams still overlook, and why advances in AI are making it easier for both defenders and attackers to work faster than ever before. From MFA and application controls to protecting privileged accounts and reducing unnecessary exposure, this conversation offers a practical look at where strong identity security starts and why getting the fundamentals right matters more than ever.
Subscribe with your favorite podcast player or watch on YouTube 👇
About Sean Metcalf
Sean Metcalf is the Identity Security Architect at TrustedSec and a renowned expert in Microsoft identity security. He holds the rare Certified Master in Active Directory certification and has spoken at major security conferences including Black Hat, DEF CON, and BlueHat on how to defend cloud and hybrid environments.
LinkedIn - https://www.linkedin.com/in/seanmmetcalf/
🔗 Related Links
Securing Entra ID Administration: Tier 0 - https://trustedsec.com/blog/securing-entra-id-administration-tier-0
Managing Privileged Roles in Microsoft Entra ID: A Pragmatic Approach - https://trustedsec.com/blog/managing-privileged-roles-in-microsoft-entra-id-a-pragmatic-approach
Improve Entra ID Security More Quickly - https://adsecurity.org/?p=4825
Microsoft Graph Skill - https://graph.pm
📗 Chapters
00:04:05 AI and the Evolution of Attacks
00:06:42 The Importance of Hardening Fundamentals
00:12:03 Securing Entra ID Quickly
00:16:24 Protecting Tokens with VBS and TPM
00:19:58 Restricting Consent and Guest Users
00:23:40 Managing Rogue Tenants
00:27:36 Cloud Admin Workstation Strategies
00:34:14 Delegated Admin Privileges
00:44:32 The Danger of Application Permissions
00:57:06 Artemis Mission Trivia
Podcast Apps
🎙️ Entra.Chat - https://entra.chat
🎧 Apple Podcast → https://entra.chat/apple
📺 YouTube → https://entra.chat/youtube
📺 Spotify → https://entra.chat/spotify
🎧 Overcast → https://entra.chat/overcast
🎧 Pocketcast → https://entra.chat/pocketcast
🎧 Others → https://entra.chat/rss
Merill’s socials
📺 YouTube → youtube.com/@merillx
👔 LinkedIn → linkedin.com/in/merill
🐤 Twitter → twitter.com/merill
🕺 TikTok → tiktok.com/@merillf
🦋 Bluesky → bsky.app/profile/merill.net
🐘 Mastodon → infosec.exchange/@merill
🧵 Threads → threads.net/@merillf
🤖 GitHub → github.com/merill
