Entra ID Application Security – A Complex Problem with a Community Solution

Application governance in Entra is a hot topic these days, especially in the context of zero trust, where we aim for least-privilege access in terms of Graph API permissions, explicitly verify the identities of publishers and people in our organizations and assume breach. Many organizations are decommissioning Active Directory Federation Services (AD FS) and switching …

VMware addresses ‘ESX Admins’ authentication bypass vulnerability (CVE-2024-37085) in ESXi 8.0 Update 3

Today, Broadcom issued a second update to VMSA-2024-003 for VMware ESXi, specifically to address the vulnerability CVE-2024-37085. This vulnerability, with a CVSSv3 base score of 6.8 out of 10 (Moderate), allowed an adversary with sufficient Active Directory permissions to gain full access to ESXi hosts.   About the vulnerability For an adversary to abuse this …

VMware vSphere 8.0 Update 3 adds federation support for four Identity Providers

On June 25th, 2024, Broadcom made vSphere 8.0 Update 3 generally available. In the details of the Release Notes for vSphere 8.0 Update 3 and ESXi 8.0 Update 3, Broadcom announces PingFederate Support in vSphere Identity Federation. This is a huge update for Identity and Access admins using VMware's virtualization platform as it broadens their options …

What's New in Entra ID for July 2024

Entra ID, previously known as Azure AD, is Microsoft's Identity Management-as-a-Service solution, offering seamless access, easy collaboration, efficiency in IT processes and improved security and compliance. In its Release Notes for Entra ID, Microsoft communicated the following planned, new and changed functionality for Entra ID for July 2024:   What's Planned New SAML applications can't receive …

On-premises Identity-related updates and fixes for July 2024

Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for July 2024:   Windows Server 2016 We observed the following update …

Sympathy for the devil, empathy for the Identity professional

Working with Microsoft-focused identity admins, I noticed a couple of common themes with these fellow identity people that make them feel like they can't make any right decisions anymore, they got stuck somehow and feel miserable all the time… In their minds, a perfect storm is raging. Identity professionals in this state are experienced as …

Why backing up and restoring Entra ID with Veeam is a big thing

During the Opening Keynote of VeeamON 2024 in Fort Lauderdale from June 3rd, 2024, to June 5th, 2024, Anton Gostev, Chief Product Officer at Veeam, announced providing data resilience for several new platforms, including Entra ID (previously known as Azure AD). As a Veeam Vanguard, I have had many discussions with Veeam leadership stressing out …

I’m a 2024-2025 Microsoft MVP

Today, I received an e-mail message from Microsoft congratulating me on being accepted to the Microsoft MVP program. Microsoft is pleased to welcome me back to the Microsoft Most Valuable Professionals (MVP) program in recognition of my outstanding contributions to the community in the following technical areas: Identity & Access Windows It’s an honor to be …

On-premises Identity-related updates and fixes for June 2024

Even though Microsoft’s Identity focus moves towards the cloud, Windows Server 2016, Windows Server 2019 and Windows Server 2022 still receive updates to improve the experiences and security of Microsoft’s on-premises powerhouses. This is the list of Identity-related updates and fixes we saw for June 2024:   Windows Server 2016 We observed the following update …