Eric Woodruff
@ericonidentity.com
Entra nerd currently @ #Semperis. Parent. Partner. MS Security MVP. Views are those of my cat.
I’ve been finding the #Entra Usage & Insights report useless lately when it comes to #passkey reporting.

Why? It’s broken.

It’s concerning that this seems to be an ongoing issue that isn’t tenant specific and Microsoft hasn’t caught it.

#EntraID

ericonidentity.com/2025/09/02/e...
Entra Useless Insights Report - Eric on Identity
Exploring the Entra Usage & Insights report on MFA usage, and the issues with the report's lack of accuracy, as well as a workaround.
Going right from @wearetroopers.bsky.social in Heidelberg to @fwdcloudsec.org in Denver ✈️ - from one excellent conference to another!

I’m looking forward to speaking Monday @ 2:00pm in track 1 on the dangers of #nOAuth, with some new and tweaked slides and talking points!

#Entra #EntraID
At @wearetroopers.bsky.social I dropped new research on #nOAuth, an abuse of #EntraID that allows you to spoof users in vulnerable SaaS applications. The attack is still alive and well.

You can read all about it here:

#Entra #M365 #infosec

www.semperis.com/blog/noauth-...
New nOAuth Abuse Alert: Entra Cross-Tenant Saas Apps at Risk
Think nOAuth abuse is old news? We wish. Our recent testing shows that nearly 10% of apps in the Microsoft Entra Gallery remain vulnerable.
On the way to #TROOPERS25. The short flight is down… just waiting for the long one to Frankfurt.

Looking forward to talking about #nOAuth with #Entra… sadly it’s still a thing 😑

#EntraID #infosec @wearetroopers.bsky.social
Reposted by Eric Woodruff
Did you know you can send LAPS passwords to Entra on Server OS? Neither did @adamgrosstx.bsky.social or I until yesterday! Just need to hybrid join the server(s) and set the GPO to back up to "AAD"! Neat!
In 2019, before the AZ-104 days, I failed AZ-101 the first time around…
Obligatory photo from airplane en route to the #mvpsummit
Now do Yggdrasil 😏
Reposted by Eric Woodruff
The last two months have been a chaotic whirlwind of emotions and activity. I needed to talk about it, so I did: jakehildreth.github.io/blog/2025/03...
New Job! New MVP?
Hi.
Reposted by Eric Woodruff
Yesterday morning, I woke up to an email from Microsoft with the subject "Congratulations on your Microsoft MVP award". I immediately thought it was a phish, but I dug a bit further.

It's real! 🤯 I was selected as an MVP in "PowerShell" and "Identity & Access"!
Reposted by Eric Woodruff
MC2MC @mc2mc.be · Feb 25
📢 To all attendees, sponsors, and speakers of MC2MC Connect!

📸 We have uploaded all the event photos to the Gallery page on the MC2MC Connect website, so you can look back and relive the day!

🔗 connect.mc2mc.be/gallery/

#MC2MC #ConnectMC2MC #MC2MCConnect
If you work in, around, near, adjacent, or so on, to #identity, including #infosec and #Entra, you should fill out the #IDPro skills survey. It takes five minutes and really helps in understanding the industry landscape.

www.surveymonkey.com/r/L9QB6T2
IDPro 2025 Skills, Programs, and Diversity Survey
I received an interesting #M365 subscription email the other week, that turned out to be a scam.

I figured I'd pick it apart, and found it curious enough to share the details.

#entra #infosec #m365security #azure

ericonidentity.com/2025/02/20/a...
An interesting M365 billing scam - Eric on Identity
A look at a recent spam scam email that I received, trying to understand what mechanism the attacker is using to deliver the scam email.
Not yet… 😬. Congrats to you though! I’m hoping I’ll be there regardless of speaking to catch your talk!
Reposted by Eric Woodruff
MC2MC @mc2mc.be · Jan 28
We’re pleased to announce the next speaker for MC2MC Connect: @ericonidentity.com 🚀

In this session, Eric will dive deep into the most common questions about app registrations, enterprise apps, and service principals. 🔍🛡️

🔗 tinyurl.com/5dxvnsn4

#MC2MC #ConnectMC2MC
Reposted by Eric Woodruff
Zuckerberg "loved" an AI slop image on a spam page that also posts AI images of children with amputations, elderly people, fake images of graves, links offsite to ad-loaded pages, etc. Exciting stuff for me

www.404media.co/zuckerberg-l...
Zuckerberg 'Loves' AI Slop Image From Spam Account That Posts Amputated Children
Zuckerberg seems to enjoy the spam that has taken over his flagship product.
If you consume multi-tenant apps in #EntraID, and they’ve been granted consent to do things in your tenant, you can spy on the auth choices your vendor makes - secrets or certs - in the logs available in your #Entra tenant.

#infosec #m365 #azure

ericonidentity.com/2025/01/13/s...
Spying on your ISVs credential choices - Eric on Identity
Examining Entra ID sign-in and graph activity logs to determine what type of credentials your ISVs use in their multi-tenant applications.
Oh I’ve submitted a few things at various places… hoping to be at Identiverse one way or another this year
With all the speaking I burnt and crashed a bit towards the end of 2024. I plan on writing about the speaking experience… but first hoping to get back into writing more as I research stuff. Hope to have both a personal blog and Semperis blog article out this week 🤞.
Looking forward to when I can talk about the more interesting case 👀 #MSRC #Entra