Every organization has its own flavor of chaos—shouldn’t your access controls reflect that? Dive into the Entra ID Conditional Chaos Engine and see how intelligent conditions can bring order to the unpredictable.

Read more 👉 https://lttr.ai/ApSVG

#ConditionalChaosEngine #M365ShowPodcast #EntraId

Microsoft adds Passkey option to Entra ID registration campaigns

Starting in April this year, Microsoft plans to add Passkey support to Entra ID registration campaigns.

https://www.heise.de/en/news/Microsoft-adds-Passkey-option-to-Entra-ID-registration-campaigns-11215507.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#EntraID #IT #Microsoft #Passkey #Security #news

Microsoft ergänzt Passkey-Option in Entra-ID-Registrierungskampagnen

Ab April dieses Jahres will Microsoft Passkey-Unterstützung zu Entra-ID-Registrierungskampagnen hinzufügen.

https://www.heise.de/news/Microsoft-ergaenzt-Passkey-Option-in-Entra-ID-Registrierungskampagnen-11215078.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#EntraID #IT #Microsoft #Passkey #Security #news

iX-Workshop: Identitäten in Entra ID mit Conditional Access Policies schützen

Erfahren Sie, wie Sie die Zero-Trust-Architektur mit Zugriffsrichtlinien in Entra ID umsetzen und so Ihr Unternehmensnetzwerk effektiv schützen.

https://www.heise.de/news/iX-Workshop-Identitaeten-in-Entra-ID-mit-Conditional-Access-Policies-schuetzen-11194753.html?wt_mc=sm.red.ho.mastodon.mastodon.md_beitraege.md_beitraege&utm_source=mastodon

#EntraID #IT #iXWorkshops #Microsoft #Microsoft #MicrosoftAzure #Security #news

Microsoft just announced official support to store device bound Passkeys for Entra ID in the Windows Hello container. No app, no external hardware key but built in support. Sadly no attestation while in preview.

https://mc.merill.net/message/MC1247893

#Passkey #EntraID

Blogged: Invite Guest users in a Entra ID Multi-tenant setup

https://damienbod.com/2026/03/09/invite-guest-users-in-a-entra-id-multi-tenant-setup/

#graph #entra #mau #identity #iam #entraid #oauth #openidconnect #oidc #security

RE: https://infosec.exchange/@merill/116188307859736132

Android Authenticator

Root Detection

🚨⚠️🚨⚠️🚨⚠️🚨⚠️

#MicrosoftAuthenticator on #Android
strictly blocks usage on rooted or
jailbroken devices.

Relies on Google
Play Services;

privacy-focused OS
distributions (e.g., #GrapheneOS)
lacking Play Services will be
completely blocked.

THIS WONT MAKE EVERYONE HAPPY

#EntraID #AzureAD

Microsoft warned about OAuth redirect abuse on March 2, 2026. This isn't credential theft or classic token theft by itself. It weaponizes Entra ID error handling.

An attacker registers an OAuth app with a malicious redirect URI, sends a crafted login.microsoftonline.com link designed to fail, and Entra ID's 302 redirect lands the victim on a phishing page or malware dropper. The sign-in fails and the attacker still wins.

I built a detection and hardening kit you can deploy to an existing Sentinel workspace:

• 4 analytics rules: consent after risky sign-in, suspicious redirect URIs, OAuth error clustering, bulk consent

• 5 hunting queries: permissions baseline, non-corporate IP auth, high-privilege apps, URI inventory, token replay

• 1 workbook: OAuth Security Dashboard
Entra hardening: verified-publisher consent restriction, MFA policy for risky OAuth sign-ins

• OAuth app audit: flags suspicious redirect URIs and overprivileged permissions across app registrations

Blog post: https://nineliveszerotrust.com/blog/oauth-redirect-abuse-sentinel/

Companion lab on GitHub: https://github.com/j-dahl7/oauth-redirect-abuse-sentinel

#MicrosoftSentinel #EntraID #DetectionEngineering #OAuth #IdentitySecurity #BlueTeam

Blog Alert!

This time of getting the Data Api Builder MCP preview to connect to a Fabric Lakehouse SQL Endpoint using Entra ID.

#MCP
#DAB
#MicrosoftFabric
#Lakehouse
#SqlEndpoint
#EntraId

http://sqlreitse.com/2026/03/06/sql-mcp-local-to-fabric-lakehouse/