Skip to content

Network - 25398 - Domain controller RDP access is protected by phishing-resistant authentication through Global Secure Access#873

Merged
SagarSathe merged 16 commits intomainfrom
Feature-25398
Feb 27, 2026
Merged

Network - 25398 - Domain controller RDP access is protected by phishing-resistant authentication through Global Secure Access#873
SagarSathe merged 16 commits intomainfrom
Feature-25398

Conversation

@Manoj-Kesana
Copy link
Collaborator

@Manoj-Kesana Manoj-Kesana commented Feb 10, 2026

No description provided.

@Manoj-Kesana Manoj-Kesana self-assigned this Feb 10, 2026
@Manoj-Kesana Manoj-Kesana marked this pull request as ready for review February 10, 2026 03:11
@alexandair alexandair requested a review from Copilot February 10, 2026 06:39
Copilot AI reviewed Feb 10, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Adds a new Network assessment (25398) to evaluate whether Entra Private Access (Global Secure Access) RDP access to domain controllers is protected by Conditional Access requiring phishing-resistant authentication.

Changes:

  • Introduces a new PowerShell test (25398) that discovers Private Access apps/segments with RDP (3389) and correlates them with CA policies requiring “Phishing-resistant MFA”.
  • Generates markdown reporting tables for identified DC-like hosts, RDP apps, and relevant CA policies.
  • Adds the corresponding remediation documentation markdown page for assessment 25398.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 5 comments.

File Description
src/powershell/tests/Test-Assessment.25398.ps1 New assessment logic to discover Private Access RDP exposure and evaluate CA phishing-resistant auth coverage, plus report generation.
src/powershell/tests/Test-Assessment.25398.md New assessment documentation describing risk and remediation steps with a results placeholder.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@Manoj-Kesana Manoj-Kesana marked this pull request as draft February 10, 2026 15:39
Manoj-Kesana and others added 2 commits February 14, 2026 01:48
@Manoj-Kesana
Code refactored
6516863
@Manoj-Kesana
Update src/powershell/tests/Test-Assessment.25398.ps1
d18ca09 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Copilot AI mentioned this pull request Feb 16, 2026
Closed
Copy link
Contributor

Copilot AI commented Feb 16, 2026

@Manoj-Kesana I've opened a new pull request, #900, to work on those changes. Once the pull request is ready, I'll request review from you.

@Manoj-Kesana Manoj-Kesana marked this pull request as ready for review February 16, 2026 07:57
@alexandair alexandair requested a review from Copilot February 16, 2026 08:01
Copilot AI reviewed Feb 16, 2026
View reviewed changes
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 2 out of 2 changed files in this pull request and generated 3 comments.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

@Manoj-Kesana Manoj-Kesana marked this pull request as draft February 16, 2026 12:13
Manoj-Kesana and others added 3 commits February 20, 2026 23:31
@Manoj-Kesana
Merge branch 'main' of https://github.com/microsoft/zerotrustassessment
cbe5458 
… into Feature-25398
@Manoj-Kesana
Update src/powershell/tests/Test-Assessment.25398.ps1
25876e1 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@Manoj-Kesana
Update src/powershell/tests/Test-Assessment.25398.ps1
fe3a90d 
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
@Manoj-Kesana Manoj-Kesana marked this pull request as ready for review February 24, 2026 03:34
@Manoj-Kesana Manoj-Kesana added the ready for review PR is ready for review and merging label Feb 24, 2026
alexandair
alexandair requested changes Feb 26, 2026
View reviewed changes
Copy link
Collaborator

@alexandair alexandair left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@Manoj-Kesana Please, address my feedback.

alexandair
alexandair approved these changes Feb 26, 2026
View reviewed changes
Copy link
Collaborator

@alexandair alexandair left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@SagarSathe SagarSathe merged commit 5990db3 into main Feb 27, 2026
4 checks passed
@Manoj-Kesana Manoj-Kesana deleted the Feature-25398 branch March 2, 2026 08:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments

@alexandair alexandair alexandair approved these changes

@SagarSathe SagarSathe SagarSathe approved these changes

Assignees

@Manoj-Kesana Manoj-Kesana

Labels

ready for review PR is ready for review and merging

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

5 participants

@Manoj-Kesana @alexandair @SagarSathe