Microsoft Entra Blog

Ignite: AI and SASE innovations in Microsoft Entra

Joy_Chik
Nov 19, 2024

Enhanced capabilities for identity and network access include Security Copilot in Microsoft Entra.

As security professionals gather in Chicago for Microsoft Ignite, with thousands tuning in digitally from around the world, I’m reminded how tough it is to be a defender in the current identity threat landscape. Cybercriminals continue to increase the scale and sophistication of their attacks. In fact, Microsoft Entra now blocks more than 7,000 password attacks per second, a more than 75% increase from a year ago![i]

In the face of such escalating threats, Microsoft remains committed to empowering you with advanced defense-in-depth capabilities, including the industry-leading, responsible AI offered by Microsoft Security Copilot. Today we’re sharing the latest news about Microsoft Entra innovations to help you secure identity and network access, the foundation of your Zero Trust strategy.

Empower your team with Security Copilot in Microsoft Entra  

First, we’re expanding the public preview of Security Copilot in Microsoft Entra. This new experience embeds Security Copilot directly into the Microsoft Entra admin center, so you can easily access the identity skills without leaving the admin center.

Security Copilot will also make recommendations and offer insights in the Microsoft Entra admin center as you complete everyday or complex tasks. It can help you:

  • Rapidly retrieve relevant identity data and context for users, including location and authentication methods.
  • Automate risk investigations for users and workload identities with AI-driven detection, insights, and mitigation.
  • Swiftly troubleshoot access issues and analyze conditional access policies tied to user sign-ins.

Plus, for those who manage applications or workload identities in Microsoft Entra, in December we are adding a new set of skills to help you identify, understand and remediate risks. For example, you can prompt Security Copilot, “Which apps could be malicious or compromised?” or “Show me unused apps” followed by “How do I remove these?”

Generative AI capabilities like natural language processing, data correlation, and contextual insights make identity and access management workflows easier and more efficient. Recent user testing found that admins using Security Copilot in Microsoft Entra completed sign-in troubleshooting tasks in 46% less time and with 47% more accuracy.

Get more details: Microsoft Security Copilot is now embedded within the Microsoft Entra admin center

Secure access for your workforce with Security Service Edge

An identity-centric approach to network security not only reduces cyber risk and strengthens protection against advanced threats, but it also improves the user experience. Our Security Service Edge (SSE) solution, part of Microsoft Entra Suite, accelerates your Zero Trust implementation and network transformation by unifying access controls across network security, identity, and endpoints.

Two components of our SSE solution, Microsoft Entra Private Access and Microsoft Entra Internet Access, have been generally available since July 2024. Today, we’re introducing several product enhancements for SSE.

Microsoft Entra Private Access simplifies migration from traditional VPNs

Microsoft Entra Private Access helps modernize traditional VPNs with an identity-centric Zero Trust Network Access (ZTNA) solution so users can securely connect to any private resource and application without gaining full access to everything on the network. Several new capabilities simplify migration from traditional VPNs and make it easier for users to connect to resources.

  • Quick access policies, generally available, make it easy to onboard private apps to Microsoft Entra.
  • App Discovery, coming soon to public preview, makes it easy to discover all your private apps.
  • Private DNS, in public preview, makes it easy to configure single-label names or hostnames that users can use to access resources seamlessly.
  • Private network connectors available in the Azure, AWS, and Google Cloud marketplaces, in public preview, improve the admin experience and simplify deployment of private network connectors.

Microsoft Entra Internet Access strengthens protection against threats

Microsoft Entra Internet Access helps secure access to all internet and SaaS applications and resources with an identity-centric secure web gateway (SWG) solution. New capabilities strengthen protection against threats.

  • Continuous access evaluation (CAE) support, in public preview, allows network access to be revoked in near real time when a critical event is detected. It’s like gaining an automatic emergency switch that turns off the Internet until policy conditions are met. Because these controls operate at the network level, they work whether or not the application or client supports modern authentication and CAE natively.
  • TLS inspection, in private preview, provides comprehensive visibility of encrypted traffic and enables enhanced URL web category filtering based on full URLs. 

Embrace network transformation with an integrated approach to Secure Access Service Edge

If you’re in the process of simplifying your on-premises network and replacing expensive equipment with modern network solutions, you may be considering the Secure Access Service Edge (SASE) framework to securely connect users, systems, endpoints, and remote networks to apps and resources.

Microsoft Entra will work seamlessly with other SSE, SASE, and networking solutions, delivering unified management and visibility to protect against sophisticated attacks. For example, we’re integrating network security capabilities from other providers, starting with Advanced Threat Protection (ATP) and Data Loss Prevention (DLP) from Netskope, now in private preview. We’re also integrating SD-WAN and connectivity solutions from leading providers with Microsoft Entra to provide a comprehensive SASE solution. 

Get more details: Enhancing security with Microsoft’s Security Service Edge solution and SASE partners  

Repel advanced attacks with new authentication protections

With deep insights from 78 trillion daily security signals, Microsoft Entra delivers proactive, real-time protection against password attacks, as well as attacks that are more advanced and harder to detect, such as MFA attacks and post-authentication attacks. Cybercriminals are even using artificial intelligence to speed up and scale password attacks, which still account for over 99% of identity-related attacks. Now that bad actors can fully automate the lifecycle of an attack campaign, a defense-in-depth strategy is the best way to protect your organization.

Detect and defend against password spray attacks in real time with Microsoft Entra ID Protection

Traditionally, security admins comb through logs to identify password spray attack patterns. Now, we’ve enhanced Microsoft Entra ID Protection to detect password spray attacks in real time. It reduces remediation from hours to seconds by interrupting attacks during the sign-in flow.

Risk-based Conditional Access can automatically respond to this new signal by raising session risk, immediately challenging the next risky sign-in attempt, and stopping password spray attempts in their tracks. This cutting-edge detection, coming soon to public preview, works alongside existing detections for advanced attacks such as Adversary-in-the-Middle (AitM) phishing and token theft, to ensure comprehensive coverage against modern attacks.   

Learn more: Microsoft Entra ID Protection is available in our Microsoft Entra ID P2 or Microsoft Entra Suite plans, both of which offer a free trial.

Neutralize phishing attempts with passkeys

Attackers have responded to the rise in multifactor authentication (MFA) adoption by ramping up AitM phishing and social engineering techniques to steal user credentials. Passkeys counter these advanced attacks, as well as password attacks, while simplifying secure sign-ins.

A passkey is a strong, phishing-resistant authentication method you can use to sign in to any internet resource that supports the W3C WebAuthn standard. Passkeys represent the continuing evolution of the FIDO2 standard.

Passkeys in Microsoft Authenticator offer a cost-effective, phishing-resistant credential that users can access directly from their mobile devices, reducing the need to provision and purchase separate security keys. Today, we’re thrilled to share that device-bound passkey support in Microsoft Authenticator for iOS and Android is now Generally Available with improved registration and sign-in experiences, as well as attestation support that verifies the legitimacy of the Microsoft Authenticator app on the user's device before registering the passkey.

Get started with phishing-resistant passwordless authentication deployment in Microsoft Entra ID

Build pixel-perfect, external-facing apps with built-in enterprise-grade security

You can use Microsoft Entra External ID to secure access for your customers and business guests the same way you secure access for your employees. Familiar tools from Microsoft Entra ID and ID Governance help you protect, manage, and govern these external identities.

Native experiences designed for your brand or corporate identity are critical for elevating your end-user experience, driving brand loyalty, and ultimately accelerating business growth. With Native Authentication in External ID, generally available since September, developers can build pixel-perfect native mobile authentication experiences in minutes.

We recently released new security and customization options for external-facing web and mobile apps:

  • New custom authentication extensions for email OTP support
  • New security metrics tracked via user insights
  • Enterprise-grade, built-in core protection features enabled for all your external-facing apps
  • Extended support for additional social logins like Facebook, Apple, Google, and Custom OIDC (coming soon)

Learn more: Get information, documentation, and developer resources for Microsoft Entra External ID.

Supercharge your admins with accurate, reliable, and timely information  

Whether you’re working in the unified Microsoft Entra admin center or using Azure Portal, we make it easier to monitor and optimize your identity and network access security posture by delivering transparency in updates, adoption, and operations. The following capabilities, which incorporate ongoing customer feedback, are now generally available:

  • What’s new: A clear and complete view of Microsoft Entra product updates, located in the Microsoft Entra admin center, helps you stay informed, evaluate the latest innovations, and eliminate the need to track updates manually.
  • Health monitoring: Helpful visuals of trends and totals for various sign-in types make it easier to investigate the ongoing health of key scenarios. Coming soon, alerts for critical indicators generated by advanced detection algorithms can help you address issues more quickly.

Check out our sessions at Ignite to learn more

Whether you’re attending Ignite in person or online, you can learn more about all the new innovations in Microsoft Entra by connecting with us during the event.

Watch the live streams or recordings of Microsoft Entra sessions at Ignite:

Secure access for any identity to any resource with Microsoft Entra

BRK313 – Wednesday, November 20 | 1:15 PM – 2:00 PM CDT

https://aka.ms/Ignite2024/BRK313 

Dive deep into the newest innovations and announcements for identity and network security solutions to establish Zero Trust access controls, secure access for employees, customers, and partners, and secure access in any cloud. Plus, see how generative AI and admin center tools boost efficiency and scale for your team. 

Secure access for your workforce with the new Microsoft Entra Suite

BRK314 – Wednesday, November 20 | 9:45 AM – 10:30 AM CDT  

https://aka.ms/Ignite2024/BRK314 

Identity is your first line of defense. But when identity and network access solutions operate in isolation and not in tandem, they can lead to increased complexity and inconsistent policies. Join us to learn how unifying Conditional Access across identities and network can help simplify your Zero Trust architecture. Find out how Microsoft Entra Suite can streamline employee onboarding, modernize remote access, and secure access to on-premises applications and internet resources.

Accelerate your Zero Trust journey: Unify Identity and Network Access

BRK326 – Thursday, November 21 | 9:45 AM – 10:30 AM CDT

https://aka.ms/Ignite2024/BRK326 

Discover how to accelerate your Zero Trust journey with a unified approach across identity and network. We will explore how Microsoft’s identity-centric Security Service Edge (SSE) solution can help you secure access to all private, on-premises, internet, and SaaS applications and resources from anywhere. Join us to learn about Microsoft’s technology partnerships, where you can further enhance your organization’s security posture.

 

Joy Chik

President of Identity and Network Access at Microsoft


Learn more about Microsoft Entra  

Prevent identity attacks, ensure least privilege access, unify access controls, and improve the experience for users with comprehensive identity and network access solutions across on-premises and clouds. 

 

[i] Microsoft Digital Defense Report 2024

Updated Nov 15, 2024
Version 1.0