This week was Microsoft Ignite, so in our final episode before we dig deep into what gets announced, Rich Dean and I welcomed Merill Fernando, Principal Product Manager at Microsoft, for an in-depth discussion about identity management and some exciting community projects.
Before diving into our main discussion, Rich and I explored the latest developments in Microsoft’s identity and security landscape, particularly focusing on what we can expect at the upcoming Microsoft Ignite conference.
What’s Coming at Microsoft Ignite
Microsoft Ignite is kicking off today, and as we approach Ignite, Merill gave us recommendations of what sessions to attend (or catch online), including the new Global Secure Access solution, which aims to simplify secure access management for organizations of all sizes.
While Microsoft has been pushing various security solutions (coming from various product groups under different sub-brands), this addresses some big asks from customers who need to provide remote access without complex VPN technology to a particular line of business apps hosted internally.
On the podcast, Merill recommended sessions to attend, and you’ll find a good list from the Entra ID team here.
Deep Dive into Maester.dev
The heart of our conversation centered around Maester.dev, Merill’s open-source PowerShell-based security framework. This isn’t just another Microsoft tool – it’s a community-driven project that’s actually solving real problems in identity management and security testing. What makes Maester particularly interesting is its approach to handling conditional access policies, which, as many administrators know, can become unwieldy in large environments.
Merill explained how organizations can use Maester to write their own security tests, breaking away from the one-size-fits-all approach that often comes with vendor solutions. The framework allows for customization based on specific business requirements, something that’s often missing in traditional security tools.
During our discussion, we touched on the role of AI in identity management and security. While there’s plenty of hype around AI in the industry, Merill offered a refreshingly pragmatic view. The focus with Maester isn’t on jumping on the AI bandwagon but rather on providing solid, reliable security testing and management capabilities that organizations can trust.
One of the most valuable parts of our conversation was hearing about real-world implementations of Maester. Merill shared several examples of how organizations are using the framework to maintain security at scale, particularly in environments with hundreds of conditional access policies across multiple tenants. The ability to automate testing and validation of these policies has proved to be a game-changer for many administrators.
For those looking to get started with Maester, Merill emphasized that the barrier to entry is intentionally low. The framework is designed to be accessible to administrators with basic PowerShell knowledge while still providing the depth needed for complex enterprise environments.
We’ll be back in two weeks’ time with more Microsoft 365 news and developments and unpacking what’s new at Ignite after the dust settles. Until then, don’t forget to subscribe to the podcast on your favorite platform to stay updated with our latest episodes.