Loading...

Some ramblings around Continuous access evaluation, support for Graph and service principals

Some ramblings around Continuous access evaluation, support for Graph and service principals

This article delves into the topic of Continuous Access Evaluation and its support for Graph and service principals. The author explores whether the Graph resource supports CAE and how long-lived CAE tokens are issued. They also consider whether accepting additional risk for CAE is worth it in certain scenarios.

However, the article also highlights the potential dangers of using CAE-capable service principal, particularly in situations where they may be compromised. The author notes that the support for revocation of such service principals is unclear, leaving room for potential security vulnerabilities.

If you are a security professional working with Continuous Access Evaluation or Graph resources, this article provides valuable insights and considerations for ensuring secure access management.

Continue reading this article on https://www.michev.info.

Published on:

Learn more
Michev
Michev

Share post:

Related posts

Microsoft Entra Private Access for on-prem users

The emergence of cloud technology and the hybrid work model has brought along new network security challenges, as the traditional virtual priv...

1 month ago

Expert Tips for Managing OneLake Data Access in Microsoft Fabric

If you're looking for expert tips on managing OneLake data access within Microsoft Fabric, this post can help you learn how to control user ac...

1 month ago

Microsoft Copilot (Microsoft 365): Insider Risk Management – Microsoft Purview capabilities in Copilot for Security

This article explores how Microsoft Purview capabilities in Copilot can be used for insider risk management, providing security teams with unp...

2 months ago

Microsoft Purview compliance portal: Insider Risk Management- OCR support in Insider Risk Management

Microsoft has announced an update to its Purview Insider Risk Management platform that enhances its scanning capabilities by adding Optical Ch...

9 months ago

Continuous Access evaluation – IP Location change

This video discusses the integration of Continuous Access Evaluation (CAE) with Power Platform Dataverse environments, enabling continuous eva...

1 year ago

Microsoft Purview compliance portal: Insider Risk Management – OCR support in Insider Risk Management

Microsoft Purview Insider Risk Management is about to receive a new feature that will support Optical Character Recognition (OCR) scanning tec...

1 year ago

Episode # 85 – What’s the best to manage Azure Conditional Access Policies?

In this episode, the focus is on Azure Conditional Access Policies and the best way to manage them. The podcast delves into the intricacies of...

1 year ago

Securing Backend APIs Using Azure API Management Policies (Part 2)

In this second part of the tutorial series, we'll explore policy expressions and how they can be used to regulate API access and safeguard bac...

2 years ago

Azure Active Directory Conditional Access

If you want to know more about Conditional Access in Azure Active Directory, this podcast episode is a must-listen. In this episode, Daniel Wo...

2 years ago

Module 2: Access Tokens | Microsoft Graph Fundamentals for Beginners

If you're looking for an overview of access tokens in the context of Microsoft Graph, you've come to the right place. This video tutorial expl...

2 years ago
Stay up to date with latest Microsoft Dynamics 365 and Power Platform news!
* Yes, I agree to the privacy policy