Learn how to enable and use the new delegate approvals feature in Microsoft Entra to delegate access package request approvals. The post How to Delegate Access Package Approvals in My Access appeared first on Our Cloud Network.| Our Cloud Network
Learn how to list and restore soft-deleted cross-tenant access policies in Microsoft Entra ID using Microsoft Graph PowerShell. The post Find and Restore Deleted Cross-Tenant Access Policies appeared first on Our Cloud Network.| Our Cloud Network
See how to hide or show approver details in access packages with this new feature and easily configure it with our guide. The post Configure Whether Requestors Can See Access Package Approver Details appeared first on Our Cloud Network.| Our Cloud Network
Learn why Microsoft cancelled a planned change to Entra ID access package visibility after overwhelming community feedback. The post Microsoft cancels access package visibility changes appeared first on Our Cloud Network.| Our Cloud Network
Use PowerShell and new Microsoft Graph APIs to visualise user MFA, SSPR, and password reset activity in your Microsoft 365 tenant. The post How to Visualise Microsoft Entra MFA Sign-in Metrics with PowerShell appeared first on Our Cloud Network.| Our Cloud Network
Discover the best practices for configuring PIM in Microsoft Entra. This guide will help you implement a robust and secure Zero Trust model. The post Best Practice for Configuring Privileged Identity Management in Microsoft Entra appeared first on Our Cloud Network.| Our Cloud Network
Upcoming in September 2025: Microsoft is rolling out automatic registration for Entra ID External Authentication Methods (EAMs). Find out how this change may impact your users and what admins must do to prepare. The post Microsoft to Roll out Automatic Registration for External Authentication Methods appeared first on Our Cloud Network.| Our Cloud Network
Learn why you must evolve your Conditional Access policies to properly manage risk for your passwordless users. The post Blocking risky users with Passwordless Authentication methods appeared first on Our Cloud Network.| Our Cloud Network
In this article, I would like to point out options to identify, monitor and avoid persistent access on Managed Identities privileges by adding federated credentials on User-Assigned Managed Identities (UAMI) from malicious or unauthorized entities. We will also have a quick look at attack paths and privileges which should be considered.| Thomas Naunheim
In the recent parts of the blog post series, we have gone through the various capabilities to detect threats and fine-tune incident enrichment of Workload Identities in Microsoft Entra. This time, we will start to automate the incident response for tackling malicious activities and threats. This includes the usage of Conditional Access for Workload ID but also configuring a Microsoft Sentinel Playbook with the least privileges.| Thomas Naunheim
Attack techniques have shown that service principals will be used for initial and persistent access to create a backdoor in Microsoft Entra ID. This has been used, for example, as part of the NOBELIUM attack path. Abuse of privileged Workload identities for exfiltration and privilege escalation are just further steps in such attack scenarios. In this part, we will have a closer look at monitoring workload identities with Identity Threat Detection Response (ITDR) by Microsoft Defender XD...| Thomas Naunheim
Files Access for third-party apps now blocked by default. Rollout starts mid-July 2025. Admin Consent flow required| LazyAdmin
In this contribution I will show you how you can build your own Security Copilot, by using Azure OpenAI, AI Search Service and your own security data sources, in a creative way that lets users ask about their own security status in natural language! This is part of my contribution to the Festive […]| GoToGuy Blog
Microsoft recently announced that Workload Identity Federation for Azure Pipelines is now in Public Preview: https://devblogs.microsoft.com/devops/public-preview-of-workload-identity-federation-for-azure-pipelines/. This opens up a lot of scenarios for Azure service connections, without the need to manage secrets for service principals and with more security as there are no secrets that can be exposed or exfiltrated. As I work a lot […]| GoToGuy Blog
Imagine you have a list of rules for how your devices should behave. Declared Configuration is like giving your devices a set of instructions and telling them to always follow these rules. Once you...| Mr T-Bone´s Blog
In the ever-evolving landscape of IT management, having real-time insights into the state of your devices is crucial. Microsoft Intune now provides a feature known as Device Query for multiple devices that allows IT...| Mr T-Bone´s Blog
Today, we’re diving into the latest and greatest update for Windows 11 Enterprise – Hotpatching! If you’re like me, you’re always looking for ways to keep your systems secure without the hassle of constant...| Mr T-Bone´s Blog
Have you ever looked at your Active Directory and wondered, "Why do I still have computers listed that haven't been turned on since World Cup 2016?" Yeah, we've all been there. Keeping AD clean and up-to-date is like trying to organize your garage—it’s easy to put off until it becomes a total mess. That’s where my PowerShell module, CleanupMonster, comes to the rescue. This little powerhouse is designed to help you effortlessly track down and deal with those old, stale computers clutteri...| Evotec
Active Directory (AD) is crucial in managing identities and resources within an organization. Ensuring its health is pivotal for the seamless operation of various services. Today, I decided to look at Microsoft Entra Connect Health (Azure AD Connect Health) service, which allows monitoring Azure AD Connect, ADFS, and Active Directory. This means that under a single umbrella, you can have an overview of three services health. But is it worth it? The post Active Directory Health Check using Mic...| Evotec
According to the Microsoft Digital Defense Report 2022, weak identity controls are listed as a top three contributing factors found during ransomware incident response. One particularly troubling finding within identity […] The post Protect your privilege with PAW appeared first on Eric on Identity.| Eric on Identity
Collecting details of all workload identities in Microsoft Entra ID allows you to build correlation and provide enrichment data for Security Operation Teams. In addition, it also brings new capabilities for creating custom detections. In this blog post, I will show some options on how to implement a data source for enrichment of non-human identities to Microsoft Sentinel and the benefits of using them in analytics rules.| Thomas Naunheim
Workload identities should be covered by lifecycle management and processes to avoid identity risks such as over-privileged permissions but also inactive (stale) accounts. Regular review of the provisioned non-human identities and permissions should be part of identity operations. In this article, we will go through the different lifecycle phases and other aspects to workload identities in your Microsoft Entra environment.| Thomas Naunheim
Workload identities will be used by applications, services or cloud resources for authentication and accessing other services and resources. Especially, organizations which follow a DevOps approach and high automation principles need to manage those identities at scale and implement policies. In the first part of a blog post series, I would like to give an overview of some aspects and features which are important in delegating management of Workload ID in Microsoft Entra: Who can see and...| Thomas Naunheim