Azure Active Directory

After the successful SolarWinds attack in 2020 where attackers gained access to Microsoft’s systems, Microsoft changed its approach and aligned with the National Institute of Standards and Technology’s (NIST) zero trust architecture. In this article, we’re going to detail how Microsoft’s zero trust approach leverages Azure Active Directory and Identity and Access Management to enable cloud…

Microsoft has announced the general availability of Conditional Access authentication strength policies for Azure Active Directory (Azure AD). The new feature allows IT admins to choose which multifactor authentication (MFA) methods can be used while accessing network resources. Multifactor authentication (MFA) is a security feature that allows customers to use two or more methods of…

Key takeaways: Microsoft has announced API-driven provisioning support for Microsoft Entra ID (formerly Azure Active Directory). This new release allows businesses to seamlessly integrate their authoritative system of record with Azure AD provisioning, encompassing everything from HR and payroll apps to SQL tables and spreadsheets. The API-driven provisioning feature is designed to help organizations ensure…

Many Office 365 applications now create Azure Active Directory guest accounts. What’s the best way to discover if the accounts are active and in use? This PowerShell script uses the Office 365 audit log and message trace data to figure out what guest accounts are active and outputs a CSV file for your review and analysis. Like any other PowerShell script, it can be adapted to suit your purposes.

Key Takeaways: Microsoft has released a new update that enables IT admins to designate sponsors for Entra ID guest accounts. The feature launched in public preview in July, allowing organizations to appoint individuals or groups as sponsors for their guest accounts (via Office 365 for IT Pros). A sponsor is a “responsible individual” who tracks…

Key Takeaways: Microsoft Defender for Identity has added a cutting-edge addition to its toolkit – a new sensor now deployable on Active Directory Certificate Services (AD CS) servers. The sensor augments the existing capabilities, significantly enhancing the detection mechanisms for identifying questionable certificates within enterprise environments. Active Directory Certificate Services (AD CS) is a Windows…

Microsoft Entra ID will soon start delivering multifactor authentication (MFA) text messages through WhatsApp. The company announced on the Microsoft 365 Admin Center yesterday that this update will begin rolling out to customers in select markets next month. As of today, the Microsoft Entra ID Multifactor Authentication feature uses text messages to send one-time passcodes…

Microsoft announced yesterday a new update for its Microsoft Entra ID Protection service. This release brings a new dashboard, advanced detection capabilities, integration with Microsoft 365 Defender, and more. The Microsoft Entra ID Protection service leverages machine learning to detect, investigate, and remediate identity-based sign-in risks and unusual activities. It uses risk-based adaptive access policies…

Microsoft has released a public preview of a new continuous access evaluation (CAE) setting for the Entra ID Conditional Access service. The new feature enables IT admins to strictly enforce location policies for network access in enterprise environments. Continuous Access Evaluation is a mechanism that offers real-time evaluation of Conditional Access policies for certain apps….

Microsoft has announced the general availability of improved company branding functionality for enterprise customers. The new feature launched in preview last year, allowing organizations to customize the sign-in experiences of Microsoft Entra ID (Azure AD) and Microsoft 365 apps. “With enhanced company branding, you’ll be able to create a custom look and feel for the…