Entra.Chat

Merill Fernando
  • 5,0 (4)
  • TECNOLOGIA
  • SEMANAL

Entra Chat is a weekly podcast hosted by Merill Fernando and delivers practical insights for Microsoft administrators and security professionals through conversations with identity experts who've been in the trenches. Episodes feature seasoned Entra practitioners sharing real-world deployment experiences and Microsoft Entra team members who build the features you use daily. Get the inside track on best practices, implementation strategies, and upcoming capabilities directly from those who design and deploy Microsoft identity solutions. Join us for actionable takeaways you can apply immediately in your Microsoft 365, Azure, and Entra environments. --- Entra.Chat, its content and opinions are my (Merill Fernando) own and do not reflect the views of my employer (Microsoft). All postings are provided “AS IS” with no warranties and is not supported by the author. All trademarks and copyrights belong to their owners and are used for identification only. entra.news

  1. HÁ 6 DIAS

    Red Team Secrets: How we bypass Conditional Access (and how you can fix it)

    In this episode of Entra.Chat, I dive deep with cybersecurity architect Fabian Bader into his research on bypassing poorly designed Microsoft Entra’s conditional access policies and what you can do about them. We also cover the game-changing new Group Source of Authority feature that lets you finally manage synced groups in the cloud, and share insights from Fabian’s work with MSRC to secure the platform—don’t miss this one if you want to stay ahead in cloud security! Subscribe with your favorite podcast player or watch on YouTube 👇 About Fabian Bader Fabian Bader is a Cybersecurity Architect at glueckkanja, based in Hamburg, Germany. He is a well-known researcher in the Microsoft identity space, creator of the Cloud Brothers blog, and creator of the Maester and Token Tactics V2 tools. His work focuses on Microsoft Entra and the Defender suite, helping customers secure their cloud environments. LinkedIn - https://www.linkedin.com/in/fabianbader/ 🔗 Related Links * Fabian’s Blog - https://cloudbrothers.info/ * Entra Scopes - https://entrascopes.com/ * Maester - https://maester.dev/ * Token Tactics V2 - https://github.com/f-bader/TokenTacticsV2 📗 Chapters 02:19 The Story of the "Cloud Brothers" Blog 03:32 The Origin Story of Maester 07:39 Token Tactics V2 & Continuous Access Evaluation 09:43 How Conditional Access Bypasses Are Found 12:05 What is FOCI (Family of Client IDs)? 18:04 Hardening Your Conditional Access Policies 29:59 V1 vs V2 Token Endpoints Explained 38:19 Using Graph Activity Logs in Defender XDR 42:45 The New Group Source of Authority (SOA) 54:59 Workplace Ninjas US Announcement Podcast Apps 🎙️ Entra.Chat - https://entra.chat🎧 Apple Podcast → https://entra.chat/apple 📺 YouTube → https://entra.chat/youtube 📺 Spotify → https://entra.chat/spotify 🎧 Overcast → https://entra.chat/overcast 🎧 Pocketcast → https://entra.chat/pocketcast 🎧 Others → https://entra.chat/rss Merill's socials 📺 YouTube → youtube.com/@merillx 👔 LinkedIn → linkedin.com/in/merill 🐤 Twitter → twitter.com/merill 🕺 TikTok → tiktok.com/@merillf 🦋 Bluesky → bsky.app/profile/merill.net 🐘 Mastodon → infosec.exchange/@merill 🧵 Threads → threads.net/@merillf 🤖 GitHub → github.com/merill Get full access to Entra.News - Your weekly dose of Microsoft Entra at entra.news/subscribe

    58min

  2. 23 DE AGO.

    Inside Entra Resilience: Microsoft's Outage War Stories, Backup Secrets and Preventing Global Outages

    In this episode, I sit down with my boss, Tarek Dawoud, to pull back the curtain on what really happens during a major service outage. Tarek shares some incredible "war stories" from his time in the trenches, from the early days of DirSync where the team had to edit a sync file with a debugger to prevent an incident, to the massive outages of 2017 and 2018 that changed everything. We'll give you a peek into the high-stakes, quick-thinking world of a "live site" incident and reveal the groundbreaking engineering principles like cell-based architecture and the backup authentication service that were born from these challenges, making Entra more resilient than ever before. Subscribe with your favorite podcast player or watch on YouTube 👇 About Tarek Dawoud Tarek Dawoud is a Lead Architect in the Customer Engineering team for Microsoft Entra. With years of experience growing up in Entra engineering, he has been involved in his share of outages and has a deep understanding of what it takes to build and maintain a resilient, hyperscale identity service. LinkedIn - https://www.linkedin.com/in/tarekdawoud/ 🔗 Related Links * SLA performance for Microsoft Entra ID - aka.ms/entraidsla * Microsoft Blames "Severe Weather" for Azure Cloud Outage * Microsoft Probes Cause of Global Web Outage * Microsoft's Azure AD authentication outage: What went wrong 📗 Chapters 00:57 What is a "Live Site"? 14:15 The Secret to Entra's Uptime: Cell-Based Architecture 18:09 How Entra Routes Your Login Request Globally 24:46 War Story #1: The 2017 Conditional Access Outage 29:52 War Story #2: How a Hurricane & an Office Bug Caused Chaos 43:39 The Backup Auth Service: Entra's Secret Weapon 57:54 Does the Backup Service Kick in Automatically? 01:04:16 Regional Isolation & The Power of Managed Identity 01:08:17 Anatomy of a Near-Outage in 2021 01:12:02 How Microsoft's Culture Learns From Mistakes Podcast Apps 🎙️ Entra.Chat - https://entra.chat 🎧 Apple Podcast → https://entra.chat/apple 📺 YouTube → https://entra.chat/youtube 📺 Spotify → https://entra.chat/spotify 🎧 Overcast → https://entra.chat/overcast 🎧 Pocketcast → https://entra.chat/pocketcast 🎧 Others → https://entra.chat/rss Merill's socials 📺 YouTube → youtube.com/@merillx 👔 LinkedIn → linkedin.com/in/merill 🐤 Twitter → twitter.com/merill 🕺 TikTok → tiktok.com/@merillf 🦋 Bluesky → bsky.app/profile/merill.net 🐘 Mastodon → infosec.exchange/@merill 🧵 Threads → threads.net/@merillf 🤖 GitHub → github.com/merill Get full access to Entra.News - Your weekly dose of Microsoft Entra at entra.news/subscribe

    1h15min

  3. 15 DE AGO.

    Identity War Stories: Surviving the Domain Cutover Nightmare!

    In this episode, I sit down with Conrad Murray, a seasoned expert who lives and breathes the complexities of IT migrations during mergers, acquisitions, and divestitures. We dive deep into the real-world challenges that companies face, from the political battles of deciding whose tenant to use, to the technical nightmares of migrating three-quarters of a petabyte of data for a major global firm. Conrad shares some incredible "war stories" about the single hardest part of any migration—the domain cutover—and reveals why the success of a months-long project boils down to just the first four hours of the end-user experience on a Monday morning. Subscribe with your favorite podcast player or watch on YouTube 👇 About Conrad Murray Conrad Murray is an expert in the IT lifecycle, specializing in complex tenant-to-tenant migrations for mergers, acquisitions, and divestitures. With over 15 years of experience moving companies to the cloud, Conrad has seen it all, from early BPOS and Lotus Notes migrations to massive, petabyte-scale Microsoft 365 consolidations. LinkedIn - Conrad Murray 🔗 Related Links * Google to Microsoft 365 Migrations * PowerSyncPro 📗 Chapters 00:00:00 Intro 00:05:40 The Politics of Merging Tenants 00:07:23 Greenfield Tenants: A Fresh Start 00:09:58 War Story: Migrating 750TB for S&P Global 00:19:13 The Nightmare of Domain Cutovers 00:25:14 The Critical Day-One User Experience 00:30:00 Reconfiguring Mobile Devices: The Hardest & Easiest Part 00:35:46 Multi-Tenant Orgs (MTO): A Long-Term Solution? 00:49:22 The Unique Challenges of Divestitures 00:55:17 Data Cleanup That Never Happens 01:01:06 Tools of the Trade for Migration Success Podcast Apps 🎙️ Entra.Chat - https://entra.chat 🎧 Apple Podcast → https://entra.chat/apple 📺 YouTube → https://entra.chat/youtube 📺 Spotify → https://entra.chat/spotify 🎧 Overcast → https://entra.chat/overcast 🎧 Pocketcast → https://entra.chat/pocketcast 🎧 Others → https://entra.chat/rss Merill's socials 📺 YouTube → youtube.com/@merillx 👔 LinkedIn → linkedin.com/in/merill 🐤 Twitter → twitter.com/merill 🕺 TikTok → tiktok.com/@merillf 🦋 Bluesky → bsky.app/profile/merill.net 🐘 Mastodon → infosec.exchange/@merill 🧵 Threads → threads.net/@merillf 🤖 GitHub → github.com/merill Get full access to Entra.News - Your weekly dose of Microsoft Entra at entra.news/subscribe

    1h6min

  4. 9 DE AGO.

    Don't Get Left Behind: The Future of Identity Governance

    In this episode we are joined by Jef Kazimer, Principal Product Manager at Microsoft to discuss the critical role of Microsoft Entra ID Governance. We explore the entire identity lifecycle from joiners, movers, and leavers (JML), the financial and security benefits of automated provisioning, and the pitfalls of legacy IGA solutions. Jef shares his extensive experience, from deploying complex MIM solutions to helping shape the future of cloud-native governance, and provides key insights into how AI will drive the need for more robust governance and how Entra is leveraging technologies like Azure Logic Apps for supportable, long-term solutions. Subscribe with your favorite podcast player or watch on YouTube 👇 About Jef Kazimer Jef Kazimer is a PM on the Microsoft Entra team, specializing in Identity Governance. With a career spanning from help desk support and consulting to his current role in engineering, Jef has a deep understanding of the real-world identity and access management challenges that organizations face. He is passionate about helping customers secure their environments by leveraging the power of the cloud. LinkedIn - https://www.linkedin.com/in/jefkazimer/ 🔗 Related Links • Entra ID Governance licensing docs - https://learn.microsoft.com/en-us/entra/id-governance/licensing-fundamentals 📗 Chapters 01:39 From Atari to Microsoft: A Hacker's Journey 09:14 What is Identity Governance (and Why You're Already Doing It) 13:16 The Hidden Costs of Poor Governance & Licensing 15:58 The Customization Trap: Why 'Simple' is Better 22:57 Common Challenges in Identity Governance 27:36 Governance for Small vs. Large Businesses 30:51 The Secret to Great User Experience 42:33 Demystifying Entra ID Governance Licensing 46:41 The Future: How AI Changes Everything Podcast Apps 🎧 Apple Podcast → https://entra.chat/apple 📺 YouTube → https://entra.chat/youtube 📺 Spotify → https://entra.chat/spotify 🎧 Overcast → https://entra.chat/overcast 🎧 Pocketcast → https://entra.chat/pocketcast 🎧 Others → https://entra.chat/rss Merill's socials 📺 YouTube → youtube.com/@merillx 👔 LinkedIn → linkedin.com/in/merill 🐤 Twitter → twitter.com/merill 🕺 TikTok → tiktok.com/@merillf 🦋 Bluesky → bsky.app/profile/merill.net 🐘 Mastodon → infosec.exchange/@merill 🧵 Threads → threads.net/@merillf 🤖 GitHub → github.com/merill Get full access to Entra.News - Your weekly dose of Microsoft Entra at entra.news/subscribe

    50min

  5. 2 DE AGO.

    The Zero Trust Mistakes 90% of Companies Are Making (Microsoft Insiders Reveal All)

    In this eye-opening episode, I sit down with Microsoft's Clay and Ramiro, two Customer Experience (CxE) architects who've collectively run over 150 Zero Trust workshops with enterprise customers. They reveal the shocking gaps they consistently find—like customers spending millions on compliance policies but forgetting to actually block non-compliant devices with conditional access. We dive deep into their comprehensive Zero Trust Workshop framework that's become the "seventh wonder of the Excel world," discuss why partners are scrambling to get trained on their methodology, and explore how AI is about to reshape the entire Zero Trust landscape. If you think your organization has Zero Trust figured out, this conversation might just change your mind. Subscribe with your favorite podcast player or watch on YouTube 👇 About Clay and Ramiro Clay and Ramiro are architects in Microsoft's customer experience (CXE) team. With over a decade of experience each at Microsoft, they specialize in helping the largest and most high-profile customers navigate complex deployments and security challenges. Ramiro has a background in engineering and was part of the team that built ADFS, while Clay focuses on the Intune side of things. They are the key figures behind the development and refinement of Microsoft’s Zero Trust Workshop. * LinkedIn - Ramiro: https://www.linkedin.com/in/ramirocalderon/ * LinkedIn - Clay: https://www.linkedin.com/in/clay-p-55899912b/ 🔗 Related Links * Zero Trust Workshop - https://aka.ms/ztworkshop 📗 Chapters 00:24 The "Why" Behind the Zero Trust Workshop 08:16 How to Run the Workshop 14:15 How the Workshop Has Evolved 20:48 How Partners Can Use the Workshop 26:51 Evolution of the Roadmap 35:30 Real-World Customer Improvements 39:46 Zero Trust is a Team Sport 47:22 The Future: AI and the Workshop 49:10 Final Advice on Zero Trust Podcast Apps 🎙️ Entra.Chat - https://entra.chat 🎧 Apple Podcast → https://entra.chat/apple 📺 YouTube → https://entra.chat/youtube 📺 Spotify → https://entra.chat/spotify 🎧 Overcast → https://entra.chat/overcast 🎧 Pocketcast → https://entra.chat/pocketcast 🎧 Others → https://entra.chat/rss Merill's socials 📺 YouTube → youtube.com/@merillx 👔 LinkedIn → linkedin.com/in/merill 🐤 Twitter → twitter.com/merill 🕺 TikTok → tiktok.com/@merillf 🦋 Bluesky → bsky.app/profile/merill.net 🐘 Mastodon → infosec.exchange/@merill 🧵 Threads → threads.net/@merillf 🤖 GitHub → github.com/merill Get full access to Entra.News - Your weekly dose of Microsoft Entra at entra.news/subscribe

    54min

  6. 26 DE JUL.

    Building Entra's CA AI Agent: A Creator's Perspective

    In this episode, I sit down with Jordan Dahl, a Product Manager on the Entra Conditional Access team, to discuss the newly GA'd Conditional Access Optimization Agent. Jordan shares the origin story of the agent, explaining how customer feedback about the difficulties of managing CA policies at scale led to its creation. We delve into how this AI-powered "digital colleague" works to identify and remediate security gaps, its future roadmap including Service Now integration and phased rollouts, and how you can get started with it in your own tenant. Subscribe with your favorite podcast player or watch on YouTube 👇 About Jordan Jordan is a Product Manager on the Entra Conditional Access team at Microsoft. Her current focus is on the Conditional Access Optimization Agent. Previously, she was a PM for per-policy reporting in Conditional Access and for Groups within Entra. LinkedIn - https://www.linkedin.com/in/jordan-dahl-840182127/ 🔗 Related Links * Conditional Access optimization agent in Microsoft Entra 📗 Chapters 00:00 Intro 01:31 The Origin of the CA Optimization Agent 05:08 How the Agent Works 07:40 Autonomous Policy Changes? 12:39 How to Deploy the Agent 16:12 Customizing the Agent's Behavior 23:59 Upcoming Agent Features: Phased Rollouts & ServiceNow 29:45 The Future: A "Digital Colleague" 35:08 How to Give Feedback 41:09 Getting Started: Your Action Items Podcast Apps 🎙️ Entra.Chat - https://entra.chat 🎧 Apple Podcast → https://entra.chat/apple 📺 YouTube → https://entra.chat/youtube 📺 Spotify → https://entra.chat/spotify 🎧 Overcast → https://entra.chat/overcast 🎧 Pocketcast → https://entra.chat/pocketcast 🎧 Others → https://entra.chat/rss Merill's socials 📺 YouTube → youtube.com/@merillx 👔 LinkedIn → linkedin.com/in/merill 🐤 Twitter → twitter.com/merill 🕺 TikTok → tiktok.com/@merillf 🦋 Bluesky → bsky.app/profile/merill.net 🐘 Mastodon → infosec.exchange/@merill 🧵 Threads → threads.net/@merillf 🤖 GitHub → github.com/merill Get full access to Entra.News - Your weekly dose of Microsoft Entra at entra.news/subscribe

    45min

  7. 18 DE JUL.

    The Unpopular Opinion: Why I Actually LIKE Hybrid Join

    In this exciting episode of Entra Chat, I dive into the world of Entra + Windows devices with the passionate and knowledgeable John Towles, a solution architect and MVP for Windows 365 and more. We unpack why Entra hybrid join is still relevant for some organizations, explore the ins and outs of Windows Autopilot, and reveal practical tips for navigating the complexities of modern device management. Plus, we share a sneak peek into the upcoming Workplace Ninjas US event and get a special announcement about the Workplace Ninjas US "Golden Clippy Awards", including the finalists for the "Entra IDol of the Year." Subscribe with your favorite podcast player or watch on YouTube 👇 About John Towles John Towles is a Solutions Architect at WEI, a multi-award MVP (Windows 365, Intune), President of Workplace Ninjas US, and the proprietor of Mobile-John.com. With over a decade of experience as the face of VMware's Workplace One, John has a deep and unique perspective on endpoint management and cloud migration. He is passionate about helping organizations navigate complex technical challenges with pragmatic, real-world solutions. LinkedIn 🔗 Related Links * Microsoft Entra Hybrid Join: Not Dead Yet! (Jon’s blog) * Workplace Ninjas US * Microsoft's Entra Kerberos: Bridging Legacy AD to Cloud Auth + MAM on Edge with PM Jordan Gross 📗 Chapters 00:23 Entra Hybrid Join: To Do or Not to Do? 03:13 The Great Migration from VMware to Intune 06:23 Entra Join vs. Hybrid Join Explained 12:52 The Magic of Cloud Kerberos Trust 15:53 Demystifying Windows Autopilot 25:23 Making the Case for Hybrid Join with Autopilot 30:57 Why Cloud-Native is the Future 36:16 Introducing Workplace Ninjas US 39:06 The "Golden Clippy Awards" 41:31 Announcing the Entra IDol of the Year Finalists Podcast Apps 🎙️ Entra.Chat - https://entra.chat 🎧 Apple Podcast → https://entra.chat/apple 📺 YouTube → https://entra.chat/youtube 📺 Spotify → https://entra.chat/spotify 🎧 Overcast → https://entra.chat/overcast 🎧 Pocketcast → https://entra.chat/pocketcast 🎧 Others → https://entra.chat/rss Merill's socials 📺 YouTube → youtube.com/@merillx 👔 LinkedIn → linkedin.com/in/merill 🐤 Twitter → twitter.com/merill 🕺 TikTok → tiktok.com/@merillf 🦋 Bluesky → bsky.app/profile/merill.net 🐘 Mastodon → infosec.exchange/@merill 🧵 Threads → threads.net/@merillf 🤖 GitHub → github.com/merill Get full access to Entra.News - Your weekly dose of Microsoft Entra at entra.news/subscribe

    55min

  8. 11 DE JUL.

    Entra Chat 🎙️ → A master class with Entra’s Identity Provisioning Wizard!

    In this episode, I sit down with Chetan Desai, a Principal Product Manager on the Microsoft Identity Governance team. We dive deep into a side of Entra that many admins never see: the critical "first mile problem" of getting identities into your system in the first place. We talk about the evolution from on-prem scripts and MIM to specific connectors for Workday and SuccessFactors and then to the new powerful, generic API-driven approach that can handle any HR system and the architectural decisions behind it. Chetan also gives us a masterclass on how the provisioning engine differs from the Graph API and provides advice for anyone looking to migrate from a legacy Identity Governance and Administration (IGA) solution. Subscribe with your favorite podcast player or watch on YouTube 👇 About Chetan Desai Chetan Desai is a Principal Product Manager at Microsoft on the Entra team. For the past seven years, he has been a core part of the Entra Identity Governance and Provisioning team. Before his time at Microsoft, Chetan spent 17 years in consulting within the identity and access management domain , bringing a wealth of real-world deployment and integration experience to his product management role. 🔗 Related Links * Application and HR provisioning documentation * Provisioning with SCIM * API-driven inbound provisioning concepts 📗 Chapters 00:34 The "First Mile Problem" in Identity 04:51 From AD Sync to HR-Driven Provisioning 09:52 The Entra Provisioning Service Architecture 16:17 Hybrid vs. Cloud-Only Identity Flows 19:17 Beyond Workday: The Need for a Generic Connector 27:43 The Great Debate: CSV vs. SQL vs. API 35:34 Provisioning API vs. Graph API: What's the Difference? 43:24 The Latest Evolution: Custom Security Attributes 49:26 Advice for Migrating to Modern IGA Podcast Apps 🎙️ Entra.Chat - https://entra.chat 🎧 Apple Podcast → https://entra.chat/apple 📺 YouTube → https://entra.chat/youtube 📺 Spotify → https://entra.chat/spotify 🎧 Overcast → https://entra.chat/overcast 🎧 Pocketcast → https://entra.chat/pocketcast 🎧 Others → https://entra.chat/rss Merill's socials 📺 YouTube → youtube.com/@merillx 👔 LinkedIn → linkedin.com/in/merill 🐤 Twitter → twitter.com/merill 🕺 TikTok → tiktok.com/@merillf 🦋 Bluesky → bsky.app/profile/merill.net 🐘 Mastodon → infosec.exchange/@merill 🧵 Threads → threads.net/@merillf 🤖 GitHub → github.com/merill Get full access to Entra.News - Your weekly dose of Microsoft Entra at entra.news/subscribe

    55min
Ver tudo (25)

Classificações e avaliações

5
de 5
4 avaliações

Sobre

Entra Chat is a weekly podcast hosted by Merill Fernando and delivers practical insights for Microsoft administrators and security professionals through conversations with identity experts who've been in the trenches. Episodes feature seasoned Entra practitioners sharing real-world deployment experiences and Microsoft Entra team members who build the features you use daily. Get the inside track on best practices, implementation strategies, and upcoming capabilities directly from those who design and deploy Microsoft identity solutions. Join us for actionable takeaways you can apply immediately in your Microsoft 365, Azure, and Entra environments. --- Entra.Chat, its content and opinions are my (Merill Fernando) own and do not reflect the views of my employer (Microsoft). All postings are provided “AS IS” with no warranties and is not supported by the author. All trademarks and copyrights belong to their owners and are used for identification only. entra.news

Informações

  • Criado por
    Merill Fernando
  • Anos de atividade
    2 mil
  • Episódios
    25
  • Classificação
    Livre
  • Copyright
    © Merill & Joshua Fernando
  • Site do podcast
    Entra.Chat

Você também pode gostar de