Building secure multi-tenant applications with Microsoft Entra ID: A guide for ISVs
In today's rapidly evolving digital landscape, Independent Software Vendors (ISVs) face the significant challenge of developing secure, multi-tenant applications that seamlessly integrate with their customers' existing infrastructure. Microsoft Entra ID offers a robust solution for managing user identities, providing ISVs with tools to enhance security and streamline the user authentication process. In this blog post, we'll explore key security strategies for ISVs and provide additional resources to help you get started. Context As the demand for SaaS applications grows, ISVs must ensure their applications are not only functional but also secure. Multi-tenant applications, which serve multiple customers from a single instance, present unique security challenges. One of the primary concerns is managing user identities securely across different tenants. Microsoft Entra ID addresses these challenges by offering a comprehensive identity management platform that simplifies authentication and authorization while enhancing security. Figure 1 – Single Sign On for seamless user experience Key Security Strategies for ISVs Utilize Microsoft Entra ID for Identity Management Microsoft Entra ID provides a secure, scalable identity management solution that handles user authentication, authorization, and access management. By leveraging Entra ID, ISVs can avoid the complexities and risks associated with building their own identity systems. Adopt Standard Protocols A well-maintained library like MSAL should be the first choice instead of implementing a protocol. Microsoft Entra ID supports industry-standard protocols like OAuth 2.0, OpenID Connect, and SAML, which facilitate secure authentication and authorization. As the last and most expensive choice, ISVs can implement a protocol but must ensure they stay up to date with the protocol. Design for Data Separation In a multi-tenant environment, it is crucial to maintain data separation between tenants to prevent unauthorized access. ISVs should implement robust authorization models and leverage Entra ID's capabilities to ensure data integrity and confidentiality. Become a Verified App Publisher To build trust with customers, ISVs can become verified app publishers. This process involves joining the Microsoft AI Cloud Partner Program and undergoing a vetting process, assuring customers of the application's authenticity and security. Take action: Set up your multitenant identity today For ISVs looking to deepen their understanding of Microsoft Entra ID and its capabilities, here are some valuable resources: Microsoft Entra ID Documentation – Explore comprehensive guides and tutorials on implementing Entra ID in your applications. Microsoft Identity Platform Developer Guide – Learn how to integrate authentication and authorization into applications. aka.ms/UpcomingIDLOBDev - Curated content for Microsoft Identity platform training workshops By adopting these strategies and utilizing the resources provided, ISVs can build secure, scalable, and efficient multi-tenant applications that meet the growing demands of their customers. Embracing Microsoft Entra ID not only enhances security but also simplifies the development process, allowing ISVs to focus on delivering innovative solutions. Want to learn more: 📅 Join our ISV Security sessions to stay updated on the latest best practices 🔗 Subscribe to Azure Security Updates for continuous learning 📞 Connect with your Microsoft account representative for tailored security guidance Let’s work together to build a more secure digital future. 🚀New GitHub Copilot benefit for ISV Success Expanded Package
We are thrilled to announce a new benefit for some of our ISV Success participants. As part of our continuous commitment to supporting and empowering ISVs, we are introducing a NEW Expanded Package benefit that can take your development projects to the next level. NEW – Expanded Package benefit ISV Success Expanded Package participants are now potentially eligible for up to $5,000 in Azure credits, exclusively for GitHub Copilot. This incredible opportunity is designed to help you leverage the power of GitHub Copilot, an innovative AI tool that assists developers in writing code faster, with greater efficiency and confidence. How to determine your eligibility To find out if you qualify for this enhanced benefit, please reach out to your Engagement Manager. (To find out who is your assigned ISV Success Engagement Manager, type “who is my engagement manager” into the AI-powered assistant on ISV Hub: https://www.microsoft.com/isv/. If you are in Marketplace Rewards, you can email rewards@microsoft.com a member of the Market Rewards team will respond within 1-2 business days.) They will assist you in understanding if you are eligible for criteria and guide you through the process of applying for Expanded Package and these additional GitHub Copilot credits. At ISV Success, we are dedicated to offering valuable resources and support to help you achieve your development goals. Don't miss out on this exceptional opportunity to enhance your productivity and bring your projects to life with the power of GitHub Copilot. Stay tuned for more updates and exciting announcements from ISV Success! Additional Resources: Join ISV Success Review all ISV Success benefits Learn more about expanded benefits
Empowering AI innovation with Azure AI Foundry
In a recent meeting at the Azure AI Foundry Partner Council, we delved deep into the capabilities and future of Azure AI Foundry, highlighting its unified AI platform, extensive model catalog, and the innovative services and tools it offers. With a rising trend in the use of multiple AI models and the evolving capabilities of AI agents, Azure AI Foundry is at the forefront of streamlining the AI development process. The highlight of the meeting was the announcement of the Foundry SDK, bringing with it a unified inferencing API and support for multiple languages. This SDK promises to revolutionize how developers approach AI projects, offering templates for quick starts and a host of upcoming features and improvements. Additionally, new tools and integrations with GitHub and Visual Studio Code were introduced, enhancing the developer experience and providing seamless transitions between different platforms. A particularly exciting development is the upcoming launch of Sora, a new visual experience within Azure Open AI services. This launch is set to redefine how users interact with AI models, making the process more intuitive and visually engaging. As probably some of the readers are also evaluating, participants were keen to understand the scalability of low-code solutions and the transition to pro-code. For more complex capabilities, Foundry provides a seamless integration experience, ensuring that developers can easily transition between different SDKs and platforms. It doesn’t matter which dev tools you are using we’ll provide you with what you need wherever you are. Looking ahead, future developments such as the Foundry Canvas, observability suite, and management center were discussed, along with new products like Catalog NextGen and Foundry Copilot. These innovations promise to further enhance the capabilities of Azure AI Foundry, making it an indispensable tool for AI developers. Learn more about Azure AI Foundry: Azure AI Foundry | Microsoft Learn Join upcoming Azure AI Foundry Partner Council sessions to continue learning about the Azure AI Platform. February 13: Hello to the AI agentic world February 19: Build your first agent with Azure OpenAI Agent Service workshop February 20: GenAIOps lifecycle and best practices February 27: Managing and optimizing GenAI costs- updated FinOps approach For more information, please contact aipartnerteam@microsoft.com. Links and Resources: Evaluation of generative AI applications with Azure AI Foundry - Azure AI Foundry - Microsoft Learn Microsoft’s Agentic AI Frameworks: AutoGen and Semantic Kernel - Semantic KernelUnlocking the power of co-sell: what to expect in the upcoming webinar series with Rubrik and Tackle
For ISVs, partnering with cloud providers is a powerful growth engine, opening doors to new customers, expanding market reach, and driving revenue. Co-selling is a key lever in this partnership, enabling ISVs to align with cloud providers like Microsoft to accelerate growth, strengthen relationships, and close larger deals. However, developing a successful co-sell practice doesn’t just happen overnight—it requires strategic alignment, scalable resources, and a deep understanding of partner incentives. To help you navigate this journey, Rubrik and Tackle are teaming up for a two-part webinar series designed to help you build, operationalize, and scale a strong co-sell strategy with Microsoft. In these sessions, you’ll learn how to: Develop a scalable co-sell strategy aligned with Microsoft’s goals Streamline your co-sell motion with workflows, CRM alignment, and deal-sharing strategies Strengthen relationships with Microsoft sellers and aligning with Azure’s consumption goals Led by Rubrik Head of Global Cloud Alliances Jasmine Kronk and Tackle’s co-sell experts, this webinar series will equip you with the tools and knowledge you need to co-sell with confidence. Here’s a preview of what you’ll learn in each session: Session 1: Building a Winning Strategy to Accelerate Growth with Microsoft Date: February 24, 2025 at 9:30 am PST To successfully co-sell with Microsoft, ISVs need a clear strategy that aligns with Microsoft’s priorities, streamlines collaboration, and maximizes growth opportunities. In this session, experts will share key insights on how to operationalize co-sell, build strategic relationships, and leverage marketplace to accelerate revenue. Here are the top takeaways from this session to help you build a winning a winning co-sell strategy: Use Co-Sell as a strategic GTM motion. Co-selling with Microsoft is not just a checkbox activity; it's a fundamental go-to-market (GTM) strategy that can drive growth, increase deal sizes, and accelerate sales cycles. ISV should leverage co-sell partnerships to shorten sales cycles and close larger deals. Understand the value proposition. To succeed in the Microsoft ecosystem, ISVs must clearly define their unique value proposition. Aligning your solution with Microsoft’s priorities, like driving Azure consumption, creates mutual benefits and strengthens co-sell opportunities. Operationalize co-sell for scale. Streamlining internal processes is key to scaling co-sell efforts. This includes integrating CRM systems, defining deal-sharing criteria, and maintaining a structured approach to pipeline management. Regularly sharing deal updates, tracking performance metrics, and ensuring cross-team alignment helps optimize efficiency and collaboration. Measuring key indicators, such as deals won and revenue impact, ensures ongoing success. Build relationships with Microsoft stakeholders. Establishing a network of advocates within Microsoft is critical for driving future co-sell opportunities. By building trust and understanding, you can create an environment where Microsoft reps actively refer and promote your solutions to customers, ultimately generating more leads and sales. Leverage marketplace as a growth engine – Combining co-sell efforts with marketplace sales streamlines procurement for customers, improves accessibility, and accelerates revenue generation. Session 2: How to Operationalize and Scale Your Co-Sell Motion with Microsoft Date: February 26, 2025 at 9:30 am PST To scale their co-sell motion, ISVs need a structured approach that integrates co-selling into their overall GTM strategy, fosters alignment with Microsoft stakeholders, and prioritizes high-impact opportunities. In our second session, we share key strategies for operationalizing co-sell, from creating scalable resources to building cross-functional support. Here are the top takeaways to help you drive repeatable success and accelerate growth: Co-sell as a strategic element: Co-selling should be treated as a fundamental part of your go-to-market strategy, not just a one-off tactic. It’s about embedding co-sell into your broader sales approach to drive sustained growth. A strategic co-sell motion can accelerate sales cycles, increase deal sizes, and create longer-term partnerships. By making co-sell a core component of your GTM plan, you ensure it aligns with your broader business objectives and supports scalable growth over time. Align product-market fit: For co-sell success, your product must seamlessly integrate within your partner’s ecosystem and address critical customer pain points. It’s not just about having a solution that works technically, but one that directly ties into your partner's goals and creates clear value for the customer. This ensures both parties can demonstrate the solution’s unique value, which not only drives immediate sales but fosters repeatable success and strengthens your co-sell partnership. Understand mutual incentives: Co-selling is most effective when both parties benefit. To maximize this, you need to understand your partner’s motivations—whether that’s driving Azure consumption, hitting specific adoption targets, or achieving quota goals. By aligning your co-sell strategy with these priorities, you create a win-win dynamic that fosters stronger collaboration and accelerates the deal process. Recognizing and addressing your partner’s evolving incentives ensures that both sides remain motivated to drive deals forward. Create scalable co-sell resources: To sustain and scale co-selling efforts, it’s critical to build reusable resources and processes. This includes developing playbooks, one-pagers, email templates, and other assets that can be quickly deployed across teams and regions. With these resources, sales teams spend less time creating new materials and more time engaging meaningfully with partners. Scalable resources streamline operations, maintain consistency, and support seamless collaboration, which ultimately drives more efficient and impactful co-selling motions. Prioritize high-value accounts: Rather than spreading your co-sell efforts across a broad spectrum of clients, it’s more effective to focus on high-value accounts. Start by identifying where your ideal customer profiles overlap with your partner’s customer base, and build upon these existing synergies. This focused approach allows you to dedicate time and resources to deals with the highest potential for revenue growth. It reduces wasted effort on low-impact accounts and increases your chances of closing more significant, higher-value deals with your partner. Join us to master co-selling Whether you’re just getting started with co-sell or you’re looking to optimize existing efforts, these sessions will provide actionable insights you can immediately apply to your strategy. Register now to secure your spot and take your co-sell strategy to the next level!The future of CIAM: How Transmit Security and Microsoft are reshaping passkey adoption and security
In this guest blog post, Ravit Aviv, Director of Technology Alliances at Transmit Security, discusses the layers of customer identity and access management (CIAM) protection that are essential for optimizing passkey security and customer experience and how you can reap the rewards with Mosaic by Transmit Security and Azure AD B2C or Entra External ID.Exploring Azure AI Content Understanding: Insights from the Partner Council Session
Azure AI Content Understanding is a powerful AI service designed to process and analyze various types of content, including documents, audio, images, videos, and text files. Here are some of its key features and capabilities: Multimodal Data Ingestion: This feature allows the ingestion of diverse types of data, such as documents, images, audio, and video. It uses a range of AI models available in Azure AI to convert the input data into a structured format that can be easily processed and analyzed by downstream services or applications Information Extraction Using Schemas: Azure AI Content Understanding helps define schemas of the extracted results to fit specific needs. This can be done by generating task-specific representations of the output, such as insights, features, or summaries from a pre-configured set of schemas or customized ones. For example, it can generate captions, transcripts, or summaries from video or audio files, and thumbnails, previews, or highlights from images or video files Grounding and Confidence Scores: This feature ensures that the extracted results are accurately, grounded to the input content, and provide confidence scores for the extracted data, making automation and validation more reliable and efficient The platform leverages generative AI models to unify these processes, effectively addressing challenges such as prompt engineering complexities, model selection dilemmas, and lifecycle management hurdles. By offering a structured approach to processing unstructured data, Azure Content AI Understanding accelerates time-to-value, making it an essential tool for businesses aiming to derive actionable insights efficiently. Live Demonstrations The session featured three key demos, illustrating the real-world application of Azure AI Content Understanding: Post-Call Analytics Demonstrated the creation of a content understanding project in AI Foundry. Showcased schema definition for extracting information from multilingual audio files. Highlighted structured outputs, including call summaries, sentiment analysis, and key topic extraction. Document Processing Focused on schema definition for extracting key fields (e.g., title, date, scope of work) from PDF documents. Demonstrated data labeling, correction of extractions, and confidence score enhancement through additional training samples. Video Processing Explained the breakdown of video content into structured elements such as key frames, descriptions, and sentiment analysis. Real-World Applications and Common Use Cases Highlighted several compelling use cases illustrating Azure AI Content Understanding in action: Insurance Claim Processing: Integrating written statements, call recordings, police reports, and video footage to expedite claims decisions. Contact Center Analytics: Enhancing customer service through insights derived from call recordings and chat logs. Social media Trend Analysis: Extracting valuable insights from social media videos to identify emerging trends and relevant product mentions. For those seeking additional insights, we encourage viewing the session recording HERE or you can read more about it here: Announcing Azure AI Content Understanding: Transforming Multimodal Data into Insights | Microsoft Community Hub For specific questions you can reach out to the Azure AI Partner Team at aipartnerteam@microsoft.com or continue the conversation below in the comments.Designing secure and resilient ISV applications
Understanding the evolving security landscape Cyber threats have increased fivefold in the past year, with organizations facing: 340 million nation-state cyberattacks daily A rise in password attacks from 4,000 to 7,000 per second Over 1,500 tracked threat actors, up from 300 in 2023 With the growing sophistication of adversaries, prioritizing security is no longer optional—it’s a necessity. ISVs must take proactive measures to safeguard their applications and services. Figure 1- Cyber threats in the Era of AI Key security strategies for ISVs 1. Embed security into product design Security should be an integral part of the software development lifecycle (SDLC), not an afterthought. By incorporating secure design principles early, ISVs can reduce costs and risks associated with vulnerabilities. Perform threat modeling to identify risks before development Use secure coding frameworks and avoid custom-built security controls Implement the Zero Trust model, assuming no implicit trust for users, devices, or applications 📌 Explore: Microsoft Secure Development Lifecycle guide 2. Strengthen identity and access controls Identity remains the primary security perimeter. Implement strong authentication and authorization mechanisms to protect user accounts. Enforce Multi-Factor Authentication (MFA) to block 90% of cyberattacks Use conditional access policies to limit access based on risk signals Adopt least privilege principles to restrict access to necessary resources 📌 Start with: Identity and Access Management in Azure guide 3. Secure secrets and credentials One of the most common security mistakes is hardcoding credentials in source code. Instead: Store secrets securely using Azure Key Vault Implement automated secret scanning to detect exposed credentials Rotate secrets regularly and avoid long-lived access tokens 📌 Check: GitHub Advanced Security for automated secret scanning 4. Adopt a Zero Trust architecture Traditional perimeter-based security is no longer sufficient. The Zero Trust model ensures continuous verification across: Identities – Enforce strong authentication and least privilege access Devices – Assess compliance before granting access Applications & Data – Restrict access based on risk levels 📌 Learn more: Zero Trust Guidance Center 5. Ensure secure supply chain practices Many security breaches originate from compromised third-party dependencies. Strengthen your software supply chain security by: Using code signing and package verification for all dependencies Scanning for vulnerabilities in third-party libraries Implementing DevSecOps pipelines to automate security checks 📌 Read: Secure Supply Chain Consumption Framework 6. Protect against AI-specific threats AI-powered applications introduce new attack vectors, including prompt injection, model poisoning, and adversarial manipulation. Mitigate these risks by: Using responsible AI principles to minimize unintended biases and risks Applying AI safety measures, such as Azure AI Content Safety Restricting access to models and validating input/output integrity 📌 Discover: Microsoft Responsible AI Guidelines 7. Monitor and respond to security threats Effective threat detection and incident response are essential for minimizing damage from cyberattacks. Use Microsoft Sentinel for real-time security monitoring Automate threat detection with Defender for Cloud Establish an incident response plan to quickly contain and mitigate breaches 📌 Explore: Microsoft Defender for Cloud _________________________________________________________________________________________ Take action: strengthen your security posture today Security is an ongoing journey. By adopting proactive security strategies, ISVs can build resilient, trusted applications that safeguard customers and drive long-term success. 🔹 Want to learn more? 📅 Join our ISV Security sessions to stay updated on the latest best practices 🔗 Subscribe to Azure Security Updates for continuous learning 📞 Connect with your Microsoft account representative for tailored security guidance Let’s work together to build a more secure digital future. 🚀 __________________________________________________________________________________________ Additional resources To embed your security when you design your applications, explore these key resources: Security Development Lifecyle: https://www.microsoft.com/en-us/securityengineering/sdl Secure Supply Chain Consumption Framework: https://www.microsoft.com/en-us/securityengineering/sdl/s2c2f Cloud Adoption Framework: https://aka.ms/caf Zero Trust: https://aka.ms/Zero-Trust Adopt Security: https://aka.ms/trysecurity SaaS Workload: https://learn.microsoft.com/en-us/azure/well-architected/saas/ Join ISV Success: www.microsoft.com/isvStrengthening ISVs in the Era of AI: Introducing the ISV Security Series
The ISV Security Series aims to help Independent Software Vendors (ISVs) and Software as a Service (SaaS) companies navigate the complexities of cybersecurity in the AI era, providing tools and insights to enhance their security posture.
