Entra.Chat

From Windows Core to Leading Agent ID: Vince Smith’s Microsoft Story


Listen Later

Folks, every big thing in identity started as somebody’s late-night side quest and Vince Smith has been in the room for a lot of them.

In this episode of Entra Chat, Vince (the PM lead driving Microsoft Entra Agent ID) walks us back through a 25-year run at Microsoft: shipping beta products off a machine wired straight to the internet under a neighbor’s desk, owning the early RBAC and custom roles work that shaped Entra, surviving a couple of security incidents he mostly can’t talk about, and finally landing on the team building identity for AI agents.

Along the way he owns up to the one feature name he’d take back if he could, and shares the dead-simple trick he used as a junior dev to get senior engineers to answer his questions every single time.

But this isn’t just a war-stories episode. Vince breaks down why agents needed a brand-new kind of identity in the first place. An agent is a strange beast ‘as clumsy and unpredictable as a human, and as fast as a machine’ which means traditional anomaly detection looks at one and basically can’t tell if it’s a user or a workload gone rogue. His answer is the blueprint-and-instance model: one blueprint (think app registration) spinning up many scoped, least-privilege instances, instead of a bazillion app registrations or one over-permissioned service principal that can read everyone’s mailbox. And if you’re wondering why this matters now, Vince makes the case that as users move to passkeys, attackers just slide to the other end of the balloon: non-human identities and workloads. That’s the new frontier.

So what should you actually do Monday morning? His advice is refreshingly un-precious: don’t wait for the perfect plan. Start green, set a standard for every new agent so you stop the bleeding from shadow AI, then stay green and slowly get green by cleaning up the mess behind you. Even just stamping a unique identifier on your agents today buys you the observability you’ll desperately want later.

Be the river that flows around the rocks.

There’s a lot more in the full conversation including how Agent ID and Agent 365 actually fit together, and how Vince came up to speed on a space that’s moving too fast to write a book about. Give it a watch.

Subscribe with your favorite podcast player or watch on YouTube 👇

About Vince Smith

Vince Smith is the PM Lead for Agent ID at Microsoft. A self-described computer nerd and Gen Xer, Vince has been with Microsoft since late 1999, working on everything from Windows Core and GDPR to multi-tenant collaboration and identity protection.

LinkedIn - https://www.linkedin.com/in/vincecsmith/

🔗 Related Links

* Entra Agent ID - https://learn.microsoft.com/en-us/entra/agent-id/what-is-microsoft-entra-agent-id

* Agent 365 - https://www.microsoft.com/en-us/microsoft-agent-365

📗 Chapters

06:23 Provisioning vs. Federation

10:25 The Need for Agent ID

17:28 Blueprints and Multi-Instancing

23:55 Demystifying Agent 365

26:56 The Threat of Non-Human Identities (NHI)

33:08 Planning Your Enterprise AI Strategy

36:14 Defining a “Start Green” AI Plan

40:45 The Best Way to Learn Complex Tech

45:13 The Wild World of CIAM

Podcast Apps

🎙️ Entra.Chat - https://entra.chat

🎧 Apple Podcast → https://entra.chat/apple

📺 YouTube → https://entra.chat/youtube

📺 Spotify → https://entra.chat/spotify

🎧 Overcast → https://entra.chat/overcast

🎧 Pocketcast → https://entra.chat/pocketcast

🎧 Others → https://entra.chat/rss

Merill’s socials

📺 YouTube → youtube.com/@merillx

👔 LinkedIn → linkedin.com/in/merill

🐤 Twitter → twitter.com/merill

🕺 TikTok → tiktok.com/@merillf

🦋 Bluesky → bsky.app/profile/merill.net

🐘 Mastodon → infosec.exchange/@merill

🧵 Threads → threads.net/@merillf

🤖 GitHub → github.com/merill



Get full access to Entra.News - Your weekly dose of Microsoft Entra at entra.news/subscribe
...more
View all episodesView all episodes
Download on the App Store

Entra.ChatBy Merill Fernando

  • 5
  • 5
  • 5
  • 5
  • 5

5

5 ratings


More shows like Entra.Chat

View all
StarTalk Radio by Neil deGrasse Tyson

StarTalk Radio

14,379 Listeners

The Infinite Monkey Cage by BBC Radio 4

The Infinite Monkey Cage

1,919 Listeners

WSJ Tech News Briefing by The Wall Street Journal

WSJ Tech News Briefing

1,657 Listeners

Risky Business by Risky Business Media

Risky Business

376 Listeners

Down the Security Rabbithole Podcast (DtSR) by Rafal (Wh1t3Rabbit) Los

Down the Security Rabbithole Podcast (DtSR)

98 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

648 Listeners

Click Here by Recorded Future News

Click Here

421 Listeners

Microsoft Cloud IT Pro Podcast by Ben Stegink, Scott Hoag

Microsoft Cloud IT Pro Podcast

65 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

8,059 Listeners

Hacking Humans by N2K Networks

Hacking Humans

313 Listeners

Three Buddy Problem by Security Conversations

Three Buddy Problem

61 Listeners

Hybrid Identity Protection Podcast by Semperis

Hybrid Identity Protection Podcast

3 Listeners

CISO Tradecraft® by G Mark Hardy & Ross Young

CISO Tradecraft®

48 Listeners

Risky Bulletin by Risky Business Media

Risky Bulletin

45 Listeners

Critical Thinking - Bug Bounty Podcast by Justin Gardner (Rhynorater), Joseph Thacker (Rez0), & Brandyn Murtagh (gr3pme)

Critical Thinking - Bug Bounty Podcast

55 Listeners