Workplace Ninja Summit 2024: Full Schedule

arrow_back View All Dates

08:00 CEST

Entra Private Access deep dive

Thursday September 19, 2024 08:00 - 09:00 CEST

Learn in depth about Entra Private Access integration with Entra ID for Zero-trust VPN replacement and on prem MFA capabilities

Speakers

Peter Lenzke

Sen. Product Manager, Microsoft Corp.

Working in IT for 15+ years and for the last 12 years at Microsoft. Being a Program Manager in the identity division making Entra better every day.

Security Lenzke Entraprivateaccess deepdive Thursday no videos pptx

Thursday September 19, 2024 08:00 - 09:00 CEST
Clubraum 1

Security, Private Access

Session format Breakout session (60 min)
Subjects Security, Identity, Zero Trust
Level Advanced

09:20 CEST

Most common misconfigurations identified during our Red Team engagements

Thursday September 19, 2024 09:20 - 10:20 CEST

Clubraum 1

Explore prevalent misconfigurations uncovered in red team engagements and learn how to mitigate them. Gain practical insights into identifying and addressing vulnerabilities to strengthen your organization's defenses against cyber threats.

This session offers valuable insights into fortifying your defenses against sophisticated adversaries

Speakers

Stefan Schörling

Security and Infra Geek - Onevinn AB, Onevinn

Stefan Schörling has over 25 years of experience from working with Cybersecurity.Today Stefan is helping customers to be successful with implementing and adopting Cloud Security with a focus on Azure and Microsoft 365.For the last 15+ years he has been awarded as a Microsoft MVP... Read More →

Mattias Borg

Cyber Security Geek, Mattias Borg

Incident Response Specialist with focus on Threat hunting in the Microsoft defense stack.Cyber Security consultant and Threat HunterResearching vulnerabilities when not working for customers.MSRC Security Research Acknowledgement (2018,2022,2023)CVE-2022-26788Speaker:Teamsdagen 2023... Read More →

WP Most common misconfiguration identified during our Red Team engagements upload pdf

Thursday September 19, 2024 09:20 - 10:20 CEST
Clubraum 1

Security, Tips

Session format Breakout session (60 min)
Subjects Windows Client OS, Security, Identity
Level Intermediate

10:40 CEST

Control Plane under Control: Securing Privileged Access by Microsoft Enterprise Access Model

Thursday September 19, 2024 10:40 - 11:40 CEST

Clubraum 1

Over the last years, Microsoft has released many design principles, best practices and security concepts for securing privileged access in a Microsoft Cloud environment. This includes also the "Enterprise Access Model" as an evolution of the previously known (Active Directory) ESAE approach.

But what are real-world experiences and examples of implementing those reference architecture? Which security controls should be applied? Who and what should be defined as "Tier0" or "Control Plane"? Which privilege escalation paths should be considered even in a tiered administration model?

In this demo-drive session, I will share my learnings and practical approach to identify, protect and monitor the high-privileged assets in Microsoft Entra. We will go through related features and monitoring capabilities but also limitations to implement a tiered administration model in a cloud environment. In addition, I will show insights of my free commmunity tool "EntraOps" which allows to automate classification and protection of privileged assets in your environment.

Speakers

Thomas Naunheim

Thomas Naunheim is a Cyber Security Architect from Germany and with focus on identity and security solutions in Microsoft Azure. He is working for glueckkanja AG and part of projects to design and implement Microsoft cloud identity and security solutions in enterprise environments.You... Read More →

Control Plane under Control pdf

Thursday September 19, 2024 10:40 - 11:40 CEST
Clubraum 1

Security, Identity

Session format Breakout session (60 min)
Subjects Azure AD, Sentinel, Identity, MicrosoftXDR, Zero Trust
Level Advanced

10:40 CEST

Redefining the future of Windows in the Cloud with new like-local experiences

Thursday September 19, 2024 10:40 - 11:40 CEST

Deuxième

Learn from the Windows Cloud engineering group how next-gen end-user experiences define the future of Windows + AI and we deliver new like-local experiences for end-users. This session will primarily focus on the end-user via new Windows integrations, AI / Copilot features and protocol enhancements. You do not want to miss this session.

Speakers

Christiaan Brinkhoff

Principal PM and Community Lead, Windows 365 + AVD, Microsoft

Christiaan Brinkhoff works as a Principal Program Manager and Community Lead for Windows 365 and AVD at Microsoft, In his role at Microsoft, he works on features such as Windows 365 app, Switch and Boot. His mission is to drive innovation while bringing Windows 365, Windows, and Microsoft... Read More →

Phil Gerity

Partner Group Product Manager @ Microsoft | Leader | Maker | Author, Microsoft

Phil has built his career on tackling complex problems by designing innovative products and business models. His experience spans three separate startups at Microsoft, and one pre-IPO startup at Smartsheet. Phil leads end user experiences for Windows 365 and Azure Virtual Desktop... Read More →

Redefining the future of Windows in the Cloud with new like local experiences pdf

Thursday September 19, 2024 10:40 - 11:40 CEST
Deuxième

Windows 365 / AVD, Copilot

Session format Breakout session (60 min)
Subjects Microsoft Intune, AVD, Windows 365, Identity, Windows Client OS, Security, Endpoint Management
Level Advanced
Area Microsoft

12:40 CEST

Intune MAM, Conditional Access, actual scenarios and the clown fiesta!

Thursday September 19, 2024 12:40 - 13:40 CEST

Luzerner Saal

We'll dive deep into Intune Mobile Application Management as part of Microsoft Endpoint Manager. We'll go thru the diverse landscape that explain certain identify driven MAM scenarios and their potential issues that drove us nuts. Of course a big part of this is conditional access driven and we will discuss all practical
blockers and workarounds when it goes south.

This session will be focusing specifically on the use case issues and workarounds , less on the theoretical part of Intune mam & CA

Speakers

Kim Heyrman

Consultant, OB-V-US

Modern workplace IT consultant @itsobvus

Kenny Buntinx

CEO, OB-V-US

Kenny is a highly qualified , certified and energized consultant working for OB-V-US Benelux with more than 20 years of experience and strives to always deliver high quality when managing and delivering projects. He has a strong focus on the Microsoft Cloud product family and is an... Read More →

Thursday September 19, 2024 12:40 - 13:40 CEST
Luzerner Saal

Microsoft Intune, Mobile

Session format Breakout session (60 min)
Subjects Microsoft Intune, Endpoint Management, Apple (iOS/macOS), Conditional Access, Security, Identity
Level Intermediate

12:40 CEST

One Year of Fighting Adversary-in-the-Middle, notes from the field

Thursday September 19, 2024 12:40 - 13:40 CEST

Clubraum 2

Last 1,5 year we were faced with a new advanced phishing technique, called adversary-in-the-middle. This is an advanced method to bypass multiple forms of MFA.

In this session Kenneth and Erik we do a deep dive into this topic.

First of alll we start with a small demo of the AiTM case

Then we will go through our options to fight this by using differente strategies like implementing phising resistant MFA methodes or using simple Conditional Access policies, or advanced Entra ID P2 Protection methods.

After this session you will have enough information to stop this attack in several ways each with it's own advangtages and drawbacks.

Speakers

Erik Loef

CTO, Proxsys

CTO, MSc, CEH, MVP

Kenneth van Surksum

Modern Workplace Consultant, Secure At Work

As a Microsoft 365 Modern Workplace consultant I help customers implement modern workplace solutions based on top of theirMicrosoft 365 licensing, leveraging products like Microsoft Intune, Microsoft Entra, Microsoft Defender, Exchange Online, Microsoft Teams, Microsoft SharePoint... Read More →

WPNinja Summit 24 One year of fighting adversary in the middle notes from the field sched pdf

Thursday September 19, 2024 12:40 - 13:40 CEST
Clubraum 2

Security

Session format Breakout session (60 min)
Subjects Security, Conditional Access, Identity, Zero Trust
Level Advanced

12:40 CEST

Securing your Entra Identities in 2024

Thursday September 19, 2024 12:40 - 13:40 CEST

Clubraum 1

Security of your identities is crucial in the cloud. With Microsoft 365 we have many options and tools to make sure our identities can stay as secure as possible while at the same time we keep our users productive. Your identity is also what defines what and how you can access your resources in the cloud.

Learn how to protect both your standard users and all the privileged accounts in Entra ID.

Join in on a journey from password strategies, authentication methods, identity protection, privileged identity management, conditional access all the way over to a password-less world.

Speakers

Jan Ketil Skanke

MVP Security, Principal Cloud Architect, COO, CloudWay

Jan Ketil has been an Microsoft MVP since 2016 and are working as a COO and Principal Cloud Architect at CloudWay in Norway. He has been working in the industry for Microsoft Partners and Microsoft for more than 20 years. He loves to speak about anything around Endpoint Management... Read More →

Maurice Daly

Microsoft MVP, Principal Cloud Architect, CloudWay

Maurice has been working in the IT industry for the past 20 years. His focus is around the areas of Windows deployment, device management, Azure AD and secure productivity, Maurice has been an MCSE since 2008 and was awarded his first MVP award in the area of Enterprise Mobility in... Read More →

SecuringEntraIdentities2024 WPNinja pdf

Thursday September 19, 2024 12:40 - 13:40 CEST
Clubraum 1

Security, Identity

Session format Breakout session (60 min)
Subjects Identity, Security, Azure AD
Level Advanced

15:20 CEST

Zero Trust - Zero Gap? Spotlight on (new) uncovered aspects of your CA design

Thursday September 19, 2024 15:20 - 16:20 CEST

Auditorium

Conditional Access is the heart of Microsoft's Zero Trust implementation as its policy enforcement engine and Microsoft introduces constantly new features to cover more and more use cases and integrations. This includes granular conditions and controls for specific authentication methods, restricted sessions and authentication flows but also new capabilities to re-trigger a policy evaluation.

In this session, we will discuss the latest features and their use cases and also challenges that you may not address in your current ruleset. Starting from automation for deployment, exclusion handling and gap monitoring, up to missing strong policy design to prevent rogue devices or protect privileged users.

Speakers

Thomas Naunheim

Christopher Brumm

Cyber Security Architect, glueckkanja AG

I am a big fan of Microsoft Cloud Security products because there my two favorite topics Identity and Security work together in a unique way. I've been working in IT for quite a while and have almost 15 years of experience in IT security in various roles. At the moment I am a Cybersecurity... Read More →

WPNinja24 Zero Trust Zero Gap pdf

Thursday September 19, 2024 15:20 - 16:20 CEST
Auditorium

Security, Zero-Trust

Session format Breakout session (60 min)
Subjects Security, Azure AD, Conditional Access, Identity, Zero Trust
Level Advanced