Merill Fernando 💚
@merill.net
Product Manager @microsoft | Creator of bluesky.ms • cmd.ms • idPowerToys.merill.net • Graph X-Ray • 🇦🇺 • 🇱🇰 • Posts my own
http://youtube.com/@merillx
Sign up to my newsletter https://entra.news
http://youtube.com/@merillx
Sign up to my newsletter https://entra.news
November 12, 2025 at 1:30 AM
We didn't stop with Entra, there are over 35+ tests for Intune with another 70 in the works.
In upcoming release we will be expanding to more Zero Trust pillars including Data (Purview), Infrastructure (Azure..), Networking plus Apps and AI!
In upcoming release we will be expanding to more Zero Trust pillars including Data (Purview), Infrastructure (Azure..), Networking plus Apps and AI!
November 12, 2025 at 1:29 AM
We didn't stop with Entra, there are over 35+ tests for Intune with another 70 in the works.
In upcoming release we will be expanding to more Zero Trust pillars including Data (Purview), Infrastructure (Azure..), Networking plus Apps and AI!
In upcoming release we will be expanding to more Zero Trust pillars including Data (Purview), Infrastructure (Azure..), Networking plus Apps and AI!
Opening each items gives you
1️⃣ a detailed pane calling out all the offending apps and configuration
2️⃣ Outlines what was checked and the reason why its important
3️⃣ The steps to fix it → We worked a lot on the docs to improve guidance
1️⃣ a detailed pane calling out all the offending apps and configuration
2️⃣ Outlines what was checked and the reason why its important
3️⃣ The steps to fix it → We worked a lot on the docs to improve guidance
November 12, 2025 at 1:29 AM
Opening each items gives you
1️⃣ a detailed pane calling out all the offending apps and configuration
2️⃣ Outlines what was checked and the reason why its important
3️⃣ The steps to fix it → We worked a lot on the docs to improve guidance
1️⃣ a detailed pane calling out all the offending apps and configuration
2️⃣ Outlines what was checked and the reason why its important
3️⃣ The steps to fix it → We worked a lot on the docs to improve guidance
Next we come to the main attraction.
We start with a summary of the findings.
For every finding we include
🎯 Risk
🎯 User impact
🎯 Implementation effort
🎯 Minimum license required
We start with a summary of the findings.
For every finding we include
🎯 Risk
🎯 User impact
🎯 Implementation effort
🎯 Minimum license required
November 12, 2025 at 1:29 AM
Next we come to the main attraction.
We start with a summary of the findings.
For every finding we include
🎯 Risk
🎯 User impact
🎯 Implementation effort
🎯 Minimum license required
We start with a summary of the findings.
For every finding we include
🎯 Risk
🎯 User impact
🎯 Implementation effort
🎯 Minimum license required
We include a similar view of your mobile landscape.
November 12, 2025 at 1:29 AM
We include a similar view of your mobile landscape.
I really enjoyed making this view and I think it gives a new insight into your zero trust posture from a device perspective.
It breaks down the desktop devices by the type of Entra join and then shows their compliance status.
It breaks down the desktop devices by the type of Entra join and then shows their compliance status.
November 12, 2025 at 1:29 AM
I really enjoyed making this view and I think it gives a new insight into your zero trust posture from a device perspective.
It breaks down the desktop devices by the type of Entra join and then shows their compliance status.
It breaks down the desktop devices by the type of Entra join and then shows their compliance status.
Plus a quick overview of your device stats.
November 12, 2025 at 1:29 AM
Plus a quick overview of your device stats.
We also analyze the sign in log to show what types of devices are accessing your tenant.
November 12, 2025 at 1:29 AM
We also analyze the sign in log to show what types of devices are accessing your tenant.
It's one thing to look at the configuration but the sign in logs tell the true story.
This view analyzes the sign logs to show the percentage of sign ins that are being protected by Conditional Access policies and breaks it down further by MFA CA policies
This view analyzes the sign logs to show the percentage of sign ins that are being protected by Conditional Access policies and breaks it down further by MFA CA policies
November 12, 2025 at 1:29 AM
It's one thing to look at the configuration but the sign in logs tell the true story.
This view analyzes the sign logs to show the percentage of sign ins that are being protected by Conditional Access policies and breaks it down further by MFA CA policies
This view analyzes the sign logs to show the percentage of sign ins that are being protected by Conditional Access policies and breaks it down further by MFA CA policies
You also get a really good view of the auth methods registered by your privileged users.
The more green the better.
What you don't want to see is privileged users having phishable auth methods registered.
The more green the better.
What you don't want to see is privileged users having phishable auth methods registered.
November 12, 2025 at 1:29 AM
You also get a really good view of the auth methods registered by your privileged users.
The more green the better.
What you don't want to see is privileged users having phishable auth methods registered.
The more green the better.
What you don't want to see is privileged users having phishable auth methods registered.
The overview page gives you a summary of your tenant information and also shows how many of the tests your tenant passed.
November 12, 2025 at 1:28 AM
The overview page gives you a summary of your tenant information and also shows how many of the tests your tenant passed.
So what does the assessment do?
It's a PowerShell module that performs an INTENSIVE analysis of your tenant and provides guidance on how to remediate and secure your tenant.
It's a PowerShell module that performs an INTENSIVE analysis of your tenant and provides guidance on how to remediate and secure your tenant.
November 12, 2025 at 1:28 AM
So what does the assessment do?
It's a PowerShell module that performs an INTENSIVE analysis of your tenant and provides guidance on how to remediate and secure your tenant.
It's a PowerShell module that performs an INTENSIVE analysis of your tenant and provides guidance on how to remediate and secure your tenant.
The problem is that it's not easy to manually check your tenant against every guidance
For example the test for 'App registrations use safe redirect URIs' requires you to go through every app in your tenant and verify all the reply urls.
For example the test for 'App registrations use safe redirect URIs' requires you to go through every app in your tenant and verify all the reply urls.
November 12, 2025 at 1:28 AM
The problem is that it's not easy to manually check your tenant against every guidance
For example the test for 'App registrations use safe redirect URIs' requires you to go through every app in your tenant and verify all the reply urls.
For example the test for 'App registrations use safe redirect URIs' requires you to go through every app in your tenant and verify all the reply urls.
👋 Folks, I'm super excited to announce the launch of the Microsoft Zero Trust Assessment!
I've been working on this project for the past year at Microsoft with an extended team including our security researchers, product feature teams and docs
Here's what it does
I've been working on this project for the past year at Microsoft with an extended team including our security researchers, product feature teams and docs
Here's what it does
November 12, 2025 at 1:28 AM
👋 Folks, I'm super excited to announce the launch of the Microsoft Zero Trust Assessment!
I've been working on this project for the past year at Microsoft with an extended team including our security researchers, product feature teams and docs
Here's what it does
I've been working on this project for the past year at Microsoft with an extended team including our security researchers, product feature teams and docs
Here's what it does
November 9, 2025 at 11:16 AM
November 1, 2025 at 11:14 AM
Get the latest Entra news @ https://entra.news
October 27, 2025 at 8:09 AM
Get the latest Entra news @ https://entra.news
Dirk-jan Mollema found one of the most severe vulnerabilities ever discovered in Microsoft Entra ID.
One that could have compromised every tenant in the cloud.
In this episode, we unpack the story, the stress, and the mindset behind responsible disclosure. 🔥
One that could have compromised every tenant in the cloud.
In this episode, we unpack the story, the stress, and the mindset behind responsible disclosure. 🔥
October 24, 2025 at 1:24 PM
Dirk-jan Mollema found one of the most severe vulnerabilities ever discovered in Microsoft Entra ID.
One that could have compromised every tenant in the cloud.
In this episode, we unpack the story, the stress, and the mindset behind responsible disclosure. 🔥
One that could have compromised every tenant in the cloud.
In this episode, we unpack the story, the stress, and the mindset behind responsible disclosure. 🔥
October 19, 2025 at 12:02 PM
October 18, 2025 at 9:53 AM
Melbourne friends — next Monday is going to be epic 🔥.
I’ll be sharing some seriously cool stuff combining Maester + Lokka at WP Ninja Australia 🇦🇺
🎤 Joining me are legends: Jason Byway, Joel Kino, Aaron Parker & Steven Hosking + host Jose Schenardie!
Register at www.meetup.com/workp...
I’ll be sharing some seriously cool stuff combining Maester + Lokka at WP Ninja Australia 🇦🇺
🎤 Joining me are legends: Jason Byway, Joel Kino, Aaron Parker & Steven Hosking + host Jose Schenardie!
Register at www.meetup.com/workp...
October 16, 2025 at 8:22 AM
Melbourne friends — next Monday is going to be epic 🔥.
I’ll be sharing some seriously cool stuff combining Maester + Lokka at WP Ninja Australia 🇦🇺
🎤 Joining me are legends: Jason Byway, Joel Kino, Aaron Parker & Steven Hosking + host Jose Schenardie!
Register at www.meetup.com/workp...
I’ll be sharing some seriously cool stuff combining Maester + Lokka at WP Ninja Australia 🇦🇺
🎤 Joining me are legends: Jason Byway, Joel Kino, Aaron Parker & Steven Hosking + host Jose Schenardie!
Register at www.meetup.com/workp...
I just sent out this week's Entra newsletter.
🚀 Most popular posts from last week
🥇Microsoft Introduces Restore Capability for Conditional Access Policies • Tony Redmond
🥈Why Setting Office IP as a Trusted Location in Conditional Access Is Risky • AIMA
🚀 Most popular posts from last week
🥇Microsoft Introduces Restore Capability for Conditional Access Policies • Tony Redmond
🥈Why Setting Office IP as a Trusted Location in Conditional Access Is Risky • AIMA
October 12, 2025 at 1:47 AM
I just sent out this week's Entra newsletter.
🚀 Most popular posts from last week
🥇Microsoft Introduces Restore Capability for Conditional Access Policies • Tony Redmond
🥈Why Setting Office IP as a Trusted Location in Conditional Access Is Risky • AIMA
🚀 Most popular posts from last week
🥇Microsoft Introduces Restore Capability for Conditional Access Policies • Tony Redmond
🥈Why Setting Office IP as a Trusted Location in Conditional Access Is Risky • AIMA
Here's an easy way to remember how to create an OIDC vs SAML app in Entra.
Bookmark this 💡
Bookmark this 💡
October 7, 2025 at 3:05 PM
Here's an easy way to remember how to create an OIDC vs SAML app in Entra.
Bookmark this 💡
Bookmark this 💡
October 6, 2025 at 10:23 PM
October 6, 2025 at 1:29 AM