Welcome back to Entra.Chat! In this rapid-fire Q&A, I’m joined by a team of brilliant CXE Identity Architects from Microsoft, and they’re answering the toughest questions on the future of identity.

We dive deep into the security challenge posed by agentic AI that can spawn self-replicating identities and how Microsoft is creating tailored behavioral analytics to protect your environment.

The team also spills the details on the shift to phishing-resistant MFA through authentication strengths capabilities for Entra ID tenants—you’ll definitely want to listen before your next audit!

Subscribe with your favorite podcast player or watch on YouTube 👇

About The Panel

This episode features an incredible panel of experts from Microsoft’s Identity team:

* Tarek Dawoud: Lead Architect of the Architecture Team, focusing on AI for Security and Entra Resilience → https://www.linkedin.com/in/tarekdawoud/

* Tyler Chan: Architect focusing on the Zero Trust Workshop and the healthcare vertical → https://www.linkedin.com/in/chantylert/

* Ramiro Calderon: Architect on the team focusing on Identity and Access Management and helping customers move to the cloud → https://www.linkedin.com/in/ramirocalderon/

* Jas Suri: Architect for Customer Identity and Access Management (CIAM), including Entra External ID as well as passwordless technologies → https://www.linkedin.com/in/jas-suri-aa644a7b/

* Ehud Itshaki: Identity Architect focusing on AI’s impact on identity systems and government customers → https://www.linkedin.com/in/ehudi/

* Thomas Detzner: Architect focusing on Global Secure Access (GSA) and the network pillar of Zero Trust. → https://www.linkedin.com/in/thomasdetzner/

* Travis Gross: Manager and lead of the overall Identity CxE team at Microsoft → https://www.linkedin.com/in/travis-gross-536b3b9b/

* Keith Brewer: Architect for Entra authentication, identity security, and U.S. government customers → https://www.linkedin.com/in/keith-b-145519174/

🔗 Related Links

* The future of AI agents—and why OAuth must evolve - https://techcommunity.microsoft.com/blog/microsoft-entra-blog/the-future-of-ai-agents%E2%80%94and-why-oauth-must-evolve/3827391

* Beyond OAuth: Why SCIM must evolve for the AI agent revolution - https://techcommunity.microsoft.com/blog/microsoft-entra-blog/beyond-oauth-why-scim-must-evolve-for-the-ai-agent-revolution/4433036

* Use Kerberos for single sign-on (SSO) to your resources with Microsoft Entra Private Access - https://learn.microsoft.com/en-us/entra/global-secure-access/how-to-configure-kerberos-sso

* Bulk operations in Microsoft Entra ID (Preview) - https://learn.microsoft.com/en-us/entra/fundamentals/bulk-operations

* Road to the cloud: AD to Entra ID - aka.ms/AD2AAD

* Microsoft Entra security operations guide - Incident Response Playbooks - https://learn.microsoft.com/en-us/entra/architecture/security-operations-introduction

* Incident response playbooks - https://learn.microsoft.com/en-us/security/operations/incident-response-playbooks

* Review permissions granted to enterprise applications - https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/manage-application-permissions?pivots=portal

* Multi-factor unlock - https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/multifactor-unlock?tabs=intune

* API-driven Inbound Provisioning - Integration scenarios - https://learn.microsoft.com/en-au/entra/identity/app-provisioning/inbound-provisioning-api-logic-apps#integration-scenario-variations

📗 Chapters

03:57 The Challenge of Agentic AI and Identity

06:35 Top Identity Security Enhancements You Can Use Today

09:42 Entra External ID: Syncing Tenants and B2C Migration

11:41 Restoring Compromised Tenants

15:01 Verifying Real Humans: Identity Assurance Levels (IAL) Explained

17:01 Rethinking App Consent and Granular Admin Roles

18:28 Clearing Up Confusion: Passkeys vs Phishing-Resistant MFA

20:33 Ditching On-Prem: Moving Legacy Apps with Private Access

23:14 How AI Will Change IAM Admins & Permissions Forever

30:31 Is Entra ID Governance the End of MIM?

Podcast Apps

🎙️ Entra.Chat - https://entra.chat

🎧 Apple Podcast → https://entra.chat/apple

📺 YouTube → https://entra.chat/youtube

📺 Spotify → https://entra.chat/spotify

🎧 Overcast → https://entra.chat/overcast

🎧 Pocketcast → https://entra.chat/pocketcast

🎧 Others → https://entra.chat/rss

Merill’s socials

📺 YouTube → youtube.com/@merillx

👔 LinkedIn → linkedin.com/in/merill

🐤 Twitter → twitter.com/merill

🕺 TikTok → tiktok.com/@merillf

🦋 Bluesky → bsky.app/profile/merill.net

🐘 Mastodon → infosec.exchange/@merill

🧵 Threads → threads.net/@merillf

🤖 GitHub → github.com/merill

Get full access to Entra.News - Your weekly dose of Microsoft Entra at entra.news/subscribe