Microsoft Entra will block hard match for users with admin roles
Microsoft Entra ID is changing hard-match behavior for cloud-managed users that hold Microsoft Entra roles.
Posts
Microsoft Entra Registration Campaigns Now Support Passkeys
Microsoft Entra registration campaigns can now nudge users to register passkeys during sign-in.
Defender version compliance with Intune proactive remediations
A field note on using Intune proactive remediations to detect Microsoft Defender version drift, trigger updates, and keep evidence.
Local AI Agents in Microsoft Defender: visibility first, blocking later
A practical note on Microsoft Defender Local AI Agents, the AgentsInfo preview table, and why I would validate inventory before blocking anything.
Hunting Zombie Software: How I Automate the Removal of Unauthorized and EOS Apps
Shadow IT is the natural enemy of a clean software inventory. In my environment, users with legacy local admin rights used to install whatever they wanted—unapproved browsers, outdated image editors, and “handy” utilities. These apps quickly became an IT headache, especially when Microsoft Defender for Endpoint flagged them as End-of-Life (EOL) or End-of-Support (EOS). Instead of playing whack-a-mole with individual apps in the portal, I developed a workflow that starts with a deep hunt in Defender and ends with an automated “kill” via Intune. ...