Workplace Ninja Summit 2024

We've spent the last few years modernizing clients, kicking them out of Active Directory and optimizing them to run outside the corporate network. The use of modern protocols, conditional access and the integration of MDE and Intune now enables us to access cloud services with access management that largely complies with the principles of zero trust.

However, when it comes to accessing legacy apps in the old data center world, we unfortunately all too often fall back on the old solutions - perhaps enhanced with some SAML and certificates - and features such as microsegmentation and session revocation are sought in vain.

In this session I would like to discuss and show why Microsoft's SSE solution is so much closer to my understanding of Zero Trust Network Access by explicitly checking every session in the network during its establishment, limiting access to the least necessary and disconnecting in case of a breach.

As a security architect who used to deal intensively with networks and in recent years with identity, I am very much looking forward to a deep dive on the topic of Single SignOn when accessing the OnPrem environment with Private Access.

In addition to the way the technology works, you will learn what needs to be considered during POC and rollout and what differences there are to a classic VPN project.

Think you know Passwordless Authentication? Well, think again. In this deep dive session, Join Microsoft MVP, Andy Malone as he takes you on a journey inside the next generation of Passwordless authentication using FIDO technologies. Now that FIDO keys have become virtual and can be deployed via any mobile device or desktop. Design to thwart hackers and ensure your digital world remains secure. With discussions, demos, tips and advice. Andy will walk you through all aspects of exactly what Passkey’s are, how they work and of course how to manage them.

Modern security teams use various tools like SIEM, XDR, SOAR, UEBA, exposure management, and threat intelligence. However, these tools generate a large number of alerts and security signals, making it difficult for security professionals to manage them efficiently. In this session, Ramya Chitrakar will discuss how a unified security operations platform can break down these silos with a seamless experience, allowing security admins and analysts to work more effectively to level up your company’s defenses and ultimately bring down your MTTR in the case of an attack.

Microsoft first introduced Kerberos as an authentication protocol in Windows 2000 Active Directory. Since then, many extensions to the protocol have been introduced to allow for constrained delegation, protocol translation and more. You may be surprised that Kerberos is still actively used in Microsoft Entra and solves several challenges, including SSO for hybrid users, hybrid user sign-ins using FIDO keys, Kerberos sign-in to Windows auth websites, and user authentication to cloud-hosted SMB file share.

Come to this session, and John Craddock will show you how Kerberos works and how Microsoft has implemented Kerberos in the cloud. This is packed with demos and insights that will allow you to troubleshoot your environments. Don't miss this session!