Why AI Is Breaking Identity Security – Experts Spill the Truth!

Welcome back to Entra.Chat! In this rapid-fire Q&A, I’m joined by a team of brilliant CXE Identity Architects from Microsoft, and they’re answering the toughest questions on the future of identity. We dive deep into the security challenge posed by agentic AI that can spawn self-replicating identities and how Microsoft is creating tailored behavioral analytics to protect your environment. The team also spills the details on the shift to phishing-resistant MFA through authentication strengths capabilities for Entra ID tenants—you’ll definitely want to listen before your next audit!Subscribe with your favorite podcast player or watch on YouTube 👇About The PanelThis episode features an incredible panel of experts from Microsoft’s Identity team:* Tarek Dawoud: Lead Architect of the Architecture Team, focusing on AI for Security and Entra Resilience → https://www.linkedin.com/in/tarekdawoud/* Tyler Chan: Architect focusing on the Zero Trust Workshop and the healthcare vertical → https://www.linkedin.com/in/chantylert/* Ramiro Calderon: Architect on the team focusing on Identity and Access Management and helping customers move to the cloud → https://www.linkedin.com/in/ramirocalderon/* Jas Suri: Architect for Customer Identity and Access Management (CIAM), including Entra External ID as well as passwordless technologies → https://www.linkedin.com/in/jas-suri-aa644a7b/* Ehud Itshaki: Identity Architect focusing on AI’s impact on identity systems and government customers → https://www.linkedin.com/in/ehudi/* Thomas Detzner: Architect focusing on Global Secure Access (GSA) and the network pillar of Zero Trust. → https://www.linkedin.com/in/thomasdetzner/* Travis Gross: Manager and lead of the overall Identity CxE team at Microsoft → https://www.linkedin.com/in/travis-gross-536b3b9b/* Keith Brewer: Architect for Entra authentication, identity security, and U.S. government customers → https://www.linkedin.com/in/keith-b-145519174/🔗 Related Links* The future of AI agents—and why OAuth must evolve - https://techcommunity.microsoft.com/blog/microsoft-entra-blog/the-future-of-ai-agents%E2%80%94and-why-oauth-must-evolve/3827391* Beyond OAuth: Why SCIM must evolve for the AI agent revolution - https://techcommunity.microsoft.com/blog/microsoft-entra-blog/beyond-oauth-why-scim-must-evolve-for-the-ai-agent-revolution/4433036* Use Kerberos for single sign-on (SSO) to your resources with Microsoft Entra Private Access - https://learn.microsoft.com/en-us/entra/global-secure-access/how-to-configure-kerberos-sso* Bulk operations in Microsoft Entra ID (Preview) - https://learn.microsoft.com/en-us/entra/fundamentals/bulk-operations* Road to the cloud: AD to Entra ID - aka.ms/AD2AAD* Microsoft Entra security operations guide - Incident Response Playbooks - https://learn.microsoft.com/en-us/entra/architecture/security-operations-introduction* Incident response playbooks - https://learn.microsoft.com/en-us/security/operations/incident-response-playbooks* Review permissions granted to enterprise applications - https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/manage-application-permissions?pivots=portal* Multi-factor unlock - https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/multifactor-unlock?tabs=intune* API-driven Inbound Provisioning - Integration scenarios - https://learn.microsoft.com/en-au/entra/identity/app-provisioning/inbound-provisioning-api-logic-apps#integration-scenario-variations📗 Chapters03:57 The Challenge of Agentic AI and Identity 06:35 Top Identity Security Enhancements You Can Use Today 09:42 Entra External ID: Syncing Tenants and B2C Migration 11:41 Restoring Compromised Tenants15:01 Verifying Real Humans: Identity Assurance Levels (IAL) Explained 17:01 Rethinking App Consent and Granular Admin Roles 18:28 Clearing Up Confusion: Passkeys vs Phishing-Resistant MFA 20:33 Ditching On-Prem: Moving Legacy Apps with Private Access 23:14 How AI Will Change IAM Admins & Permissions Forever 30:31 Is Entra ID Governance the End of MIM?Podcast Apps🎙️ Entra.Chat - https://entra.chat🎧 Apple Podcast → https://entra.chat/apple📺 YouTube → https://entra.chat/youtube📺 Spotify → https://entra.chat/spotify🎧 Overcast → https://entra.chat/overcast🎧 Pocketcast → https://entra.chat/pocketcast🎧 Others → https://entra.chat/rssMerill’s socials📺 YouTube → youtube.com/@merillx👔 LinkedIn → linkedin.com/in/merill🐤 Twitter → twitter.com/merill🕺 TikTok → tiktok.com/@merillf🦋 Bluesky → bsky.app/profile/merill.net🐘 Mastodon → infosec.exchange/@merill🧵 Threads → threads.net/@merillf🤖 GitHub → github.com/merill Get full access to Entra.News - Your weekly dose of Microsoft Entra at entra.news/subscribe

There are no comments yet.

Please log in to write the first comment.