AI Agents Need Their Own Identity: A Zero Trust Playbook
Stop wiring AI agents to shared secrets and borrowed service accounts. Treat every agent as a governed non-human identity with the controls you already run.
Stop wiring AI agents to shared secrets and borrowed service accounts. Treat every agent as a governed non-human identity with the controls you already run.
Lifecycle Workflows can now test an Update user attributes task for joiner, mover, and leaver automation.
Microsoft Entra now lets you apply Purview sensitivity labels to cloud security groups in public preview — here’s why it matters and how to test it.
SAP SuccessFactors HR provisioning can now use short-lived federated OIDC tokens instead of stored basic-auth passwords. Here’s how the Public Preview works.
Modernized My Account pages are generally available, giving users clearer self-service paths for account and device tasks.
Microsoft single sign-on for Linux is generally available, bringing Entra registration, brokered SSO, and device-based controls to Linux desktops.
Passkeys on Windows Hello let users register device-bound FIDO2 credentials in the local Windows Hello container.
Microsoft Entra registration campaigns can now nudge eligible users to register passkeys during sign-in.
Access packages can now govern active and eligible Azure RBAC assignments at key Azure scopes in Public Preview.
Domainless SAML federation lets external users sign in with their own IdP even when email domains do not map cleanly.
Device soft delete moves deleted Entra device objects into a recoverable state instead of removing them immediately.
Cross-tenant group synchronization is generally available for synchronizing security groups and memberships across Entra tenants.