Microsoft Ups Security of Azure AD, Identity

A roundup of Microsofts recent security news and updates that focus on protecting identity.

Microsofts latest security announcements have focused on securing Azure AD and Identity. Updates include stronger compromise prevention for Azure AD, a zero-trust business plan, and some changes to managing user authentication in Azure Portal.
Since its a lot of news to work through, below is a recap of the highlights:
The updated Azure AD compromise prevention system,
released last week
, still uses supervised machine learning but expands the features and process used to train the model. This model, Microsoft says, aims to provide more accurate risk assessments by flagging more suspicious activity while reducing the number of false alarms.
Its system pulls data from several sources including user behavior, threat intelligence, network intelligence, and device intelligence. Known good or bad sign-ins, called labels, aim to help teach the algorithm how to differentiate between the two. All of this intelligence is used train new machine learning models, which are deployed to the Azure AD authentication service and used to evaluate 30 billion authentications daily, Microsoft reports.
News of the Azure AD update arrived shortly after news of the
SolarWinds breach
began to make headlines. Reports indicate intruders used multiple attack vectors, one of which was distributing malware hidden in SolarWinds Orion network management software. The other, CISA
reports
, may have involved a multifactor authentication bypass, done by accessing a secret key from the Outlook Web App server. Late last week,
Microsoft confirmed
its network was breached.
Earlier this month, Microsoft
released
a zero-trust business plan to provide guidance for organizations starting the
zero-trust implementation
process. The document, which includes lessons learned from leaders who oversaw zero trust adoption in their own environments, lays out the process of planning, implementing, and measuring success of a zero trust deployment.
Some of the new features we saw come from Microsoft in recent weeks include updates to managing user authentication methods in Azure Portal. The
new UX design
lets admins add, edit, and delete users authentication phone numbers and email addresses. As authentication methods are released in coming months, theyll appear and be managed in the same interface.
As part of usability improvements, Microsoft is simplifying how phone numbers are managed in Azure AD. Users now have two sets of phone numbers: a public number that is managed in the user profile and never used for authentication, and an authentication number managed under authentication methods and kept private. This will be available to all Directory-synced tenants by 2021.
Microsoft is also releasing new APIs to beta in Microsoft Graph. New authentication method APIs can be used to read and remove a users FIDO2 security keys; read and remove a users Passwordless Phone Sign-In capability with Microsoft Authenticator; and read, add, update, and remove a users email address for Self-Service Password Reset.
Microsoft Authenticator will be updated with password management and autofill capabilities, which were made
available for public preview
last week. Authenticator will autofill passwords, which can be synced across mobile and desktop devices. Microsoft notes this is currently limited to Microsoft accounts and not for Azure AD-based work or school accounts.
Azure AD Application Proxy, which provides secure remote access to on-premise applications, will now support more applications, including those that use headers for authentication such as Peoplesoft, NetWeaver Portal, and WebCenter, Microsoft announced earlier this month. The new support started in public preview on Dec. 1.
To connect a header-based authentication application to Application Proxy, users will need Application Proxy enabled in their tenant and have at least one connector installed, Microsoft says. Its
full blog post
on the announcement has additional steps.

Last News
▸ ArcSight prepares for future at user conference post HP acquisition. ◂ Discovered: 07/01/2025 Category: security	▸ Samsung Epic 4G: First To Use Media Hub ◂ Discovered: 07/01/2025 Category: security	▸ Many third-party software fails security tests ◂ Discovered: 07/01/2025 Category: security

**Cyber Security Categories**
Google Dorks Database	Exploits Vulnerability	Exploit Shellcodes

CVE List

Tools/Apps

News/Aarticles

Phishing Database

Deepfake Detection

Trends/Statistics & Live Infos

Tags:
Microsoft Ups Security of Azure AD, Identity