Jef Kazimer

@ChikwadoCy @IAMERICAbooted Indeed. Securing ALL the agents is going to be key. They will out scale users.

@JefTek @IAMERICAbooted Not just security agents, all of not most AI agents.

Who can tell me how many agents are connected to your Microsoft tenant and what are they doing? This is a problem I'm going solve.

If you have a conditional access policy scoped to user action "Register security information" starting May 2026 the registration of Windows Hello for Business and macOS Platform SSO credentials will be in scope. #EntraID

On-prem is going to make a come back, yes or no?

@IAMERICAbooted Ah you meant WAF controls at the end point not the IDP. Got it.

@JefTek Its beyond that Jeff :) it has to do with SaaS apps being enumerable from the internet due to sp-initiated authn implementations. If its on the internet, attackers will do what attackers do :)

Who can tell me what benefit having Named Locations/IP Allowlists when you already have FIDO2 for authn to SaaS? Think like an attacker. I'll wait, hopefully not too long.

@IAMERICAbooted I can still walk up to an airport kiosk and use a FIDO2 key to get a token that could be stolen for example. Or maybe not wanting you to use your grandmothers PC to access work services even if using PR auth. Right control for right threat.

@IAMERICAbooted We have to think of authentication strengths of PR methods as an AND control and not the only control. Think layered controls. Require Phishing Resistant auth AND compliant device. Or PR auth AND allowed network.

This is a great overview of how organizations can modernize their access controls beyond the legacy group construct when using Microsoft Entra as the control plane for access. #identity #security agderinthe.cloud/2026/03/12/ret…. .

@IAMERICAbooted Great use case for Entra Internet Access to use those same identity based controls on the network. microsoft.com/en-us/security…

For everyone allowing unmanaged device connections to their network/m365, regular people now have full permissioned agents doing things on their behalf. 😆 🤣 😆 🤣 If you still allow access to your network from unmanaged devices, last year was the time to close that gap. Better late than never!

RIP Adam the woo. 51 is so young to pass. We really enjoyed his travel and sharing his adventures.

@m0bilej0n @disneytipsguy @Kdodgers24 Agreed. It’s a ride with such a storied past through the iterations. FARTS is where Figment shines beyond the ride.

@JefTek @disneytipsguy @Kdodgers24 They were way overdo to make a kids book. They did a decent job on it too. Then they brought him back for character encounters which was a good move. His ride is a semi shit show, but I still like it as a Monty python fan.

Grand fiesta tour is the worst ride in wdw

@crisisofconsc I am so sorry. When my 21yo cat had a stroke it was best thing we could do for her in a loving way. It was hard and she fought so hard after an earlier incident but we know she was ready. We were lucky our vet came to our home to help us say goodbye where she was loved. ❤️

I’ll be putting my baby to sleep tonight. His diagnosis is an aggressive large cell lymphoma, multiple masses near his heart and a very large one wrapping around his intestines in his stomach. Even with chemo he’d last 4-6 weeks, and that’s if it even works, he’s refusing food even on strong anti nausea meds, so I’m going to do the most compassionate option I have. He is the best cat and has been my best friend for 14 years.

@m0bilej0n @disneytipsguy @Kdodgers24 Figment is the purple soul of EPCOT.

@disneytipsguy @Kdodgers24 They’re both equally outdated, but figment is significantly better IP

@NathanMcNulty @glueckkanja_ Nah you raised attention on it and I believe I talked to the right team this morning to look at it. I’ll check back with them after the holiday

@JefTek @glueckkanja_ Thanks Jef, wish I could have figured out a better way to fix it and make a PR, just not in my skill set :(

If you are using the Verified ID helpdesk sample with the Teams webhook (or are thinking about it), you should use @glueckkanja_ MyWorkID instead Microsoft's example is not safe, and I've tried enough times to reach the right PMs to get it fixed

@NathanMcNulty @glueckkanja_ I shared it with the right PM and he will take a look at it.

@JefTek @glueckkanja_ Thank you Jef! We tried to chase things down through Elite partner support, GH issue, reached out to Harish, etc. I've tried to rewrite it to be 3 pages with the last one loading the JS, but I broke too many things well, technically AI broke them, but I can't code either :p

👋 Check out this new Microsoft Entra blog post 👇 Securing the AI era starts with identity techcommunity.microsoft.com/t5/microsoft-e…

The team has updated the public documentation on all the IGA capabilities across the #Entra identity platform mapping to what license tier, and including details on the agents we recently announced. #identity #Microsoft #security learn.microsoft.com/en-us/entra/id…

This was a present given to me that is going to take up all my holiday time being able to connect MS Graph via Microsoft Enterprise MCP with Log Analytics log activity data via github.com/microsoft/fabr…

@IAMERICAbooted I like the term "Informed Privacy" in that people be informed that what digital footprint is not private from those who have access to it, so operate appropriately.

Key take away: there is no such thing as privacy. Every button you push, logged somewhere. Everything.

@IAMERICAbooted Built in break periods ;)

Today I found out Im going to work for 6 hours a day and get paid for 8 :p Why? PIM FOR Groups with Purview. Those who know, know.