Loading…
Simple
Expanded
Grid
By Venue
Map
strong>Sentinel [clear filter]
arrow_back View All Dates
Thursday, September 19
 

08:00 CEST

Securing the Unseen: Microsoft Defender for IoT Explained
Thursday September 19, 2024 08:00 - 09:00 CEST
Clubraum 2
As organizations increasingly adopt Internet of Things (IoT) devices, ensuring their security becomes paramount. Microsoft Defender for IoT offers a multi-layered defense approach, combining agentless monitoring via passive network traffic analysis (NTA) with endpoint micro-agents. In this session, we’ll delve into the architecture, deployment strategies, and real-world use cases of Defender for IoT. Join us to learn how to protect your IoT devices effectively and enhance your overall security posture.
Speakers
avatar for Alain Schneiter

Alain Schneiter

Partner | Solutions Architect, scopewyse GmbH
Alain (Al) Schneiter is one of the scopewyse founders and an Microsoft Secuirty MVP. As an experienced solutions architect he is supporting clients and partners in training, concepts, designs and implementations using cloud solutions from Microsoft Azure and Microsoft 365. Alain is... Read More →
Thursday September 19, 2024 08:00 - 09:00 CEST
Clubraum 2
  Security, IOT

10:40 CEST

Control Plane under Control: Securing Privileged Access by Microsoft Enterprise Access Model
Thursday September 19, 2024 10:40 - 11:40 CEST
Clubraum 1
Over the last years, Microsoft has released many design principles, best practices and security concepts for securing privileged access in a Microsoft Cloud environment. This includes also the "Enterprise Access Model" as an evolution of the previously known (Active Directory) ESAE approach.

But what are real-world experiences and examples of implementing those reference architecture? Which security controls should be applied? Who and what should be defined as "Tier0" or "Control Plane"? Which privilege escalation paths should be considered even in a tiered administration model?

In this demo-drive session, I will share my learnings and practical approach to identify, protect and monitor the high-privileged assets in Microsoft Entra. We will go through related features and monitoring capabilities but also limitations to implement a tiered administration model in a cloud environment. In addition, I will show insights of my free commmunity tool "EntraOps" which allows to automate classification and protection of privileged assets in your environment.
Speakers
avatar for Thomas Naunheim

Thomas Naunheim

Thomas Naunheim is a Cyber Security Architect from Germany and with focus on identity and security solutions in Microsoft Azure. He is working for glueckkanja AG and part of projects to design and implement Microsoft cloud identity and security solutions in enterprise environments.You... Read More →
Control Plane under Control pdf
Thursday September 19, 2024 10:40 - 11:40 CEST
Clubraum 1
  Security, Identity

14:00 CEST

Azure Firewall and Virtual Desktops - Better Together
Thursday September 19, 2024 14:00 - 15:00 CEST
Deuxième
Securing and monitoring network traffic for Azure Virtual Desktop and Windows 365 is an often overlooked but important topic to meet network security requirements. Within this session you will explore the capabilities of Azure Firewall in combination with AVD, Windows 365 and Microsoft Sentinel and learn some of the recommended networking patterns to secure your virtual desktop deployments on the network layer.
Speakers
avatar for Nicola Suter

Nicola Suter

Security Consultant & MVP, baseVISION
Building cyber defense with the latest Microsoft technology available today - to defeat tomorrows threats. Passionately curious about all things related to tech, real-world-proven about topics such as identity, endpoint management and security.
avatar for Janic Verboon

Janic Verboon

Senior Endpoint Engineer, baseVISION AG
Endpoint Engineer with interests in everything Intune & Entra related, enjoys a good beer 🍺 and is a big fan of heavy & loud music 🤘
Azure Firewall and Virtual Desktops Better Together pdf
Thursday September 19, 2024 14:00 - 15:00 CEST
Deuxième
  Windows 365 / AVD

15:20 CEST

Enrich your Windows 11 MDE advanced hunting data with Sysmon
Thursday September 19, 2024 15:20 - 16:20 CEST
Clubraum 2
Defender for Endpoint is a superb data source for custom detections and the data can even be used to troubleshoot IT operations.
But as most of you are aware, MDE is also notoriously known for dedeplucating data and the dataset collected is defined by Microsoft.

If you want more flexibility Sysmon is an amazing data source for additional information and with the new Azure Monitor agent on Windows client devices the data ingestion into Microsoft Sentinel (Log Analytics) is easier than ever.

At the end of the session you will know how to implement the proposed solution, where you will find configurations to get started and what are the pitfalls in the current version.
Speakers
avatar for Fabian Bader

Fabian Bader

Cyber Security Architect, glueckkanja AG
Fabian Bader is a Cyber Security Architect and Microsoft MVP from Germany. He focuses on security and cloud solutions and works mainly with Microsoft technologies.From Azure cloud to on-premises Active Directory, he likes to automate stuff with PowerShell.Besides being a speaker at... Read More →
Enrich your Windows 11 MDE advanced hunting data with Sysmon pdf
Thursday September 19, 2024 15:20 - 16:20 CEST
Clubraum 2
  Security, Windows

16:40 CEST

Plan you log ingestions to Microsoft Sentinel
Thursday September 19, 2024 16:40 - 17:40 CEST
Clubraum 2
One of the main reasons to decide to use Microsoft Sentinel, is the ability to connect additional log sources and expand your security coverage.
With literally hundreds of content hub solutions available and in many companies a nearly matching amount of data sources available, it's sometimes hard to decide on which to focus first.

In this session I will share my experience and best practices to prioritize and add new data sources, based on the actual needs of the security operations teams.
What are good ingestion configurations to get the alerts you want without having to spent a fortune?
Speakers
avatar for Fabian Bader

Fabian Bader

Cyber Security Architect, glueckkanja AG
Fabian Bader is a Cyber Security Architect and Microsoft MVP from Germany. He focuses on security and cloud solutions and works mainly with Microsoft technologies.From Azure cloud to on-premises Active Directory, he likes to automate stuff with PowerShell.Besides being a speaker at... Read More →
Plan you log ingestions to Microsoft Sentinel pdf
Thursday September 19, 2024 16:40 - 17:40 CEST
Clubraum 2
  Security, Logging
 
Share Modal

Share this link via

Or copy link

Filter sessions
Apply filters to sessions.
Filtered by Date - 
Clear filter
Monday, September 16
Tuesday, September 17
Wednesday, September 18
Thursday, September 19
Auditorium
Clubraum 1
Clubraum 2
Community stage
Deuxième
Expo hall and Luzerner terrasse
Expo hall, Luzerner Saal and Outside
Luzerner Saal
TBA
  • Community
  • ConfigMgr
  • General
  • Microsoft Intune
  • Security
  • Sponsor
  • Windows
  • Windows 365 / AVD
  • Session format
  • AMA
  • Breakout session (60 min)
  • Community
  • Gold Sponsor
  • Keynote
  • Platinum Sponsor
  • Sponsor
  • Subjects
  • 0
  • Android
  • Apple (iOS/macOS)
  • Automation
  • Autopilot
  • AVD
  • Azure AD
  • ChromeOS
  • Compliance
  • Conditional Access
  • Configuration Manager
  • Copilot
  • Endpoint Analytics
  • Endpoint Management
  • Identity
  • Linux
  • Microsoft Intune
  • MicrosoftXDR
  • Pac
  • Package Management
  • Security
  • Security Copilot
  • Sentinel
  • Windows 365
  • Windows Client OS
  • WUfB
  • Zero Trust
  • Level
  • Advanced
  • Expert
  • Intermediate
  • Area
  • #REF!
  • Microsoft
  • Popular