Workplace Ninja Summit 2024

In this session we will cover how organizations are using Defender for Office 365 to detect and respond to new and emerging collaboration threats including phishing and BEC. We will walk through how SOC teams can be more effective and efficient using the power of XDR as well as build user resilience to new and emerging threats.

We've spent the last few years modernizing clients, kicking them out of Active Directory and optimizing them to run outside the corporate network. The use of modern protocols, conditional access and the integration of MDE and Intune now enables us to access cloud services with access management that largely complies with the principles of zero trust.

However, when it comes to accessing legacy apps in the old data center world, we unfortunately all too often fall back on the old solutions - perhaps enhanced with some SAML and certificates - and features such as microsegmentation and session revocation are sought in vain.

In this session I would like to discuss and show why Microsoft's SSE solution is so much closer to my understanding of Zero Trust Network Access by explicitly checking every session in the network during its establishment, limiting access to the least necessary and disconnecting in case of a breach.

As a security architect who used to deal intensively with networks and in recent years with identity, I am very much looking forward to a deep dive on the topic of Single SignOn when accessing the OnPrem environment with Private Access.

In addition to the way the technology works, you will learn what needs to be considered during POC and rollout and what differences there are to a classic VPN project.

Think you know Passwordless Authentication? Well, think again. In this deep dive session, Join Microsoft MVP, Andy Malone as he takes you on a journey inside the next generation of Passwordless authentication using FIDO technologies. Now that FIDO keys have become virtual and can be deployed via any mobile device or desktop. Design to thwart hackers and ensure your digital world remains secure. With discussions, demos, tips and advice. Andy will walk you through all aspects of exactly what Passkey’s are, how they work and of course how to manage them.

Have you always wanted to understand the inner workings of Defender for Endpoint, to improve your troubleshooting skills or to help customers get successfully set up in their unique environment?
 
Join this session to gain a deeper understanding of Defender for Endpoint, how it works, what to keep an eye on and how to ensure smooth operation in a variety of environments. We will walk through architecture, deployment, portal setup and (security) operations as well as troubleshooting - giving you the tools you need to defend endpoints like a pro!

In addition, you will get a glimpse of where the product is heading in the future.

Modern security teams use various tools like SIEM, XDR, SOAR, UEBA, exposure management, and threat intelligence. However, these tools generate a large number of alerts and security signals, making it difficult for security professionals to manage them efficiently. In this session, Ramya Chitrakar will discuss how a unified security operations platform can break down these silos with a seamless experience, allowing security admins and analysts to work more effectively to level up your company’s defenses and ultimately bring down your MTTR in the case of an attack.

Automatic attack disruption, offered by Microsoft’s Unified Security and Operations Platform, provides out-of-the-box protection to its customers.

In this session, we will update you on the current status, recent advancements, and future plans in the area of threat intelligence and data-science based disruption.

The talk will also include a technical deep-dive into a real-life incident.
We will conclude by showing what you need to do to maximize the benefit of this powerful capability.

This demo-based session explores the potent collaboration between OpenAI and Copilot for Security.

Discover how the fusion of artificial intelligence is revolutionizing threat detection, response strategies, and proactive risk mitigation.

The session contains following topics:
- How AI used by attackers
- How Copilot for Security works
- Setting up security using with AI
- Detect threats with the AI-assistant
- Give a quick and informative AI-driven response
- A few words about licensing

Microsoft first introduced Kerberos as an authentication protocol in Windows 2000 Active Directory. Since then, many extensions to the protocol have been introduced to allow for constrained delegation, protocol translation and more. You may be surprised that Kerberos is still actively used in Microsoft Entra and solves several challenges, including SSO for hybrid users, hybrid user sign-ins using FIDO keys, Kerberos sign-in to Windows auth websites, and user authentication to cloud-hosted SMB file share.

Come to this session, and John Craddock will show you how Kerberos works and how Microsoft has implemented Kerberos in the cloud. This is packed with demos and insights that will allow you to troubleshoot your environments. Don't miss this session!

This session will provide a comprehensive introduction to tabletop cybersecurity exercises, focusing on their importance, design, and execution. Participants will gain insights into the benefits of conducting tabletop exercises, including improved incident response readiness, enhanced communication and coordination among stakeholders, and identification of gaps in policies and procedures. Practical guidance will be provided on structuring exercises to align with organizational objectives, selecting relevant scenarios, and engaging participants effectively.