Entra ID (Identity)

Managed Conditional Access Policy

Microsoft Entra ID provides Managed Conditional Access Policies to help organizations enforce security best practices. These pre-configured policies simplify implementation while ensuring key protections like multifactor authentication (MFA) and blocking legacy authentication. They will be extended in February 2025 and, after a 45-day trial period, automatically activated:

  • Block device code flow [NEW]
  • Block legacy authentication [NEW]

Maester v1 (New Teams & Exchange Tests)

I am happy to refer to the release of Maester v1, a significant update that brings a bunch of new features and improvements. Since the release in March, the community has been working to build up the functionality and stability of Maester. This update includes a substantial increase in the number of tests, growing from 96 to 194, ensuring a wider usability.

Entra or Microsoft Graph PowerShell

Since June 2024, a new option has become available for transitioning legacy PowerShell scripts away from the deprecated AzureAD module. Below are examples and thoughts on which option might suit your path to solving this challenge. The 'Entra PowerShell' module, currently in Public Preview, shows great potential to soon be ready for production environments.

Passkey (FIDO2, CBA, SSH, MFA)

Over the years, we've been familiar with SSH key-based authentication, deploying a restricted set of FIDO2 Security keys, and experimenting with certificate-based authentication (CBA). However, due to complexity and platform limitations, we've faced challenges in widespread implementation, resulting in a reliance on extensive MFA through Authentication Apps or even SMS (considered weak). The introduction of the new Passkey holds the promise of rewriting this history.