Microsoft Entra is expanding system-preferred authentication to first-factor login, prioritizing secure methods like passkeys over passwords.
Guide to setting up an Exchange Online shared mailbox for automation agents using certificate-based authentication and Exchange RBAC.
Analysis of bypassing Entra Conditional Access via alternative token broker techniques, focusing on security vulnerabilities.
Explains that new Entra admin roles are not automatically protected by Conditional Access policies, creating a security gap.
Discusses the critical need for secure account recovery workflows when implementing passkeys, highlighting Microsoft Entra's new preview solution.
Explains why being an Azure Storage Account Owner doesn't grant data access and how to assign the correct Storage Data roles.
A technical guide on securing Azure Files with Entra ID Kerberos, focusing on private network access via VPN, Firewall, and Private Endpoints.
Exploring undocumented time-based Conditional Access policies in Microsoft Entra using Graph API and LLM assistance.
Guide to setting up Microsoft Entra Conditional Access policies for the new Account Recovery feature, enhancing security with identity verification.
A guide to deploying Azure Virtual Desktop using Intune for cloud-only users, eliminating on-premises dependencies.
A guide to using Connect-MgGraph PowerShell cmdlet for authenticating and automating Microsoft Graph API access, covering app registration and authentication flows.
A technical guide on manually configuring federated identity service connections in Azure DevOps to maintain control over Azure Entra service principals.
A guide to implementing Entra ID token protection to secure Azure Virtual Desktop and Windows 365 Cloud PCs from token theft.
A technical guide on implementing end-to-end user authorization for MCP servers using Entra ID, OAuth 2.0, and on-behalf-of flows.
Explains an issue where Azure PIM configuration objects persist after deleting the associated security group, and provides the documented solution.
A guide to implementing cost-effective, 'good enough' security for Azure PaaS applications, covering architecture, Entra ID, WAF, and Managed Identities.
Explains how to use the experimental Bicep extensibility framework to manage Microsoft Graph resources like Entra groups and users via Infrastructure as Code.
Explains how to configure cross-tenant MFA trust and GDAP for secure, convenient access for Cloud Service Providers (CSPs) in Microsoft Entra ID.
How to fix Graph API queries filtering members in Entra groups and administrative units by user extension attributes.
A step-by-step manual for deploying and configuring Microsoft Entra ID Application Proxy to enable secure remote access to on-premises applications.
