Loading…
Attending this event?
Simple
Expanded
Grid
By Venue
Map
Security clear filter
arrow_back View All Dates
Thursday, September 19
 

08:00 CEST

Entra Private Access deep dive
Thursday September 19, 2024 08:00 - 09:00 CEST
Clubraum 1
Learn in depth about Entra Private Access integration with Entra ID for Zero-trust VPN replacement and on prem MFA capabilities
Speakers
avatar for Peter Lenzke

Peter Lenzke

Sen. Product Manager, Microsoft Corp.
Working in IT for 15+ years and for the last 12 years at Microsoft. Being a Program Manager in the identity division making Entra better every day.
Security Lenzke Entraprivateaccess deepdive Thursday no videos pptx
Thursday September 19, 2024 08:00 - 09:00 CEST
Clubraum 1
  Security, Private Access

08:00 CEST

Securing the Unseen: Microsoft Defender for IoT Explained
Thursday September 19, 2024 08:00 - 09:00 CEST
Clubraum 2
As organizations increasingly adopt Internet of Things (IoT) devices, ensuring their security becomes paramount. Microsoft Defender for IoT offers a multi-layered defense approach, combining agentless monitoring via passive network traffic analysis (NTA) with endpoint micro-agents. In this session, we’ll delve into the architecture, deployment strategies, and real-world use cases of Defender for IoT. Join us to learn how to protect your IoT devices effectively and enhance your overall security posture.
Speakers
avatar for Alain Schneiter

Alain Schneiter

Partner | Solutions Architect, scopewyse GmbH
Alain (Al) Schneiter is one of the scopewyse founders and an Microsoft Secuirty MVP. As an experienced solutions architect he is supporting clients and partners in training, concepts, designs and implementations using cloud solutions from Microsoft Azure and Microsoft 365. Alain is... Read More →
Thursday September 19, 2024 08:00 - 09:00 CEST
Clubraum 2
  Security, IOT

09:20 CEST

Copilot for Security
Thursday September 19, 2024 09:20 - 10:20 CEST
Clubraum 2
Deep dive in Copilot for Security which will encompass a combination of embedded functionalities as well as standalone use cases.
Speakers
avatar for Gabriel Tiberiu Damaschin

Gabriel Tiberiu Damaschin

Product Manager - Copilot for Security - Microsoft, Microsoft
I am a Product Manager with a keen focus on Copilot for Security. My expertise in this domain has been central to spearheading advancements and delivering robust cybersecurity solutions. I am deeply invested in understanding the intricacies of the security landscape and am committed... Read More →
Thursday September 19, 2024 09:20 - 10:20 CEST
Clubraum 2
  Security

09:20 CEST

Most common misconfigurations identified during our Red Team engagements
Thursday September 19, 2024 09:20 - 10:20 CEST
Clubraum 1
Explore prevalent misconfigurations uncovered in red team engagements and learn how to mitigate them. Gain practical insights into identifying and addressing vulnerabilities to strengthen your organization's defenses against cyber threats.

This session offers valuable insights into fortifying your defenses against sophisticated adversaries
Speakers
avatar for Stefan Schörling

Stefan Schörling

Security and Infra Geek - Onevinn AB, Onevinn
Stefan Schörling has over 25 years of experience from working with Cybersecurity.Today Stefan is helping customers to be successful with implementing and adopting Cloud Security with a focus on Azure and Microsoft 365.For the last 15+ years he has been awarded as a Microsoft MVP... Read More →
avatar for Mattias Borg

Mattias Borg

Cyber Security Geek, Mattias Borg
Incident Response Specialist with focus on Threat hunting in the Microsoft defense stack.Cyber Security consultant and Threat HunterResearching vulnerabilities when not working for customers.MSRC Security Research Acknowledgement (2018,2022,2023)CVE-2022-26788Speaker:Teamsdagen 2023... Read More →
WP Most common misconfiguration identified during our Red Team engagements upload pdf
Thursday September 19, 2024 09:20 - 10:20 CEST
Clubraum 1
  Security, Tips

10:40 CEST

Control Plane under Control: Securing Privileged Access by Microsoft Enterprise Access Model
Thursday September 19, 2024 10:40 - 11:40 CEST
Clubraum 1
Over the last years, Microsoft has released many design principles, best practices and security concepts for securing privileged access in a Microsoft Cloud environment. This includes also the "Enterprise Access Model" as an evolution of the previously known (Active Directory) ESAE approach.

But what are real-world experiences and examples of implementing those reference architecture? Which security controls should be applied? Who and what should be defined as "Tier0" or "Control Plane"? Which privilege escalation paths should be considered even in a tiered administration model?

In this demo-drive session, I will share my learnings and practical approach to identify, protect and monitor the high-privileged assets in Microsoft Entra. We will go through related features and monitoring capabilities but also limitations to implement a tiered administration model in a cloud environment. In addition, I will show insights of my free commmunity tool "EntraOps" which allows to automate classification and protection of privileged assets in your environment.
Speakers
avatar for Thomas Naunheim

Thomas Naunheim

Thomas Naunheim is a Cyber Security Architect from Germany and with focus on identity and security solutions in Microsoft Azure. He is working for glueckkanja AG and part of projects to design and implement Microsoft cloud identity and security solutions in enterprise environments.You... Read More →
Control Plane under Control pdf
Thursday September 19, 2024 10:40 - 11:40 CEST
Clubraum 1
  Security, Identity

12:40 CEST

One Year of Fighting Adversary-in-the-Middle, notes from the field
Thursday September 19, 2024 12:40 - 13:40 CEST
Clubraum 2
Last 1,5 year we were faced with a new advanced phishing technique, called adversary-in-the-middle. This is an advanced method to bypass multiple forms of MFA.

In this session Kenneth and Erik we do a deep dive into this topic.

First of alll we start with a small demo of the AiTM case

Then we will go through our options to fight this by using differente strategies like implementing phising resistant MFA methodes or using simple Conditional Access policies, or advanced Entra ID P2 Protection methods.

After this session you will have enough information to stop this attack in several ways each with it's own advangtages and drawbacks.


Speakers
avatar for Erik Loef

Erik Loef

CTO, Proxsys
CTO, MSc, CEH, MVP
avatar for Kenneth van Surksum

Kenneth van Surksum

Modern Workplace Consultant, Secure At Work
As a Microsoft 365 Modern Workplace consultant I help customers implement modern workplace solutions based on top of theirMicrosoft 365 licensing, leveraging products like Microsoft Intune, Microsoft Entra, Microsoft Defender, Exchange Online, Microsoft Teams, Microsoft SharePoint... Read More →
WPNinja Summit 24 One year of fighting adversary in the middle notes from the field sched pdf
Thursday September 19, 2024 12:40 - 13:40 CEST
Clubraum 2
  Security

12:40 CEST

Securing your Entra Identities in 2024
Thursday September 19, 2024 12:40 - 13:40 CEST
Clubraum 1
Security of your identities is crucial in the cloud. With Microsoft 365 we have many options and tools to make sure our identities can stay as secure as possible while at the same time we keep our users productive. Your identity is also what defines what and how you can access your resources in the cloud.

Learn how to protect both your standard users and all the privileged accounts in Entra ID.

Join in on a journey from password strategies, authentication methods, identity protection, privileged identity management, conditional access all the way over to a password-less world.
Speakers
avatar for Jan Ketil Skanke

Jan Ketil Skanke

MVP Security, Principal Cloud Architect, COO, CloudWay
Jan Ketil has been an Microsoft MVP since 2016 and are working as a COO and Principal Cloud Architect at CloudWay in Norway. He has been working in the industry for Microsoft Partners and Microsoft for more than 20 years. He loves to speak about anything around Endpoint Management... Read More →
avatar for Maurice Daly

Maurice Daly

Microsoft MVP, Principal Cloud Architect, CloudWay
Maurice has been working in the IT industry for the past 20 years. His focus is around the areas of Windows deployment, device management, Azure AD and secure productivity, Maurice has been an MCSE since 2008 and was awarded his first MVP award in the area of Enterprise Mobility in... Read More →
SecuringEntraIdentities2024 WPNinja pdf
Thursday September 19, 2024 12:40 - 13:40 CEST
Clubraum 1
  Security, Identity

14:00 CEST

Mastering Microsoft XDR: What is new in 2024?
Thursday September 19, 2024 14:00 - 15:00 CEST
Clubraum 2
Let's delve into the advanced capabilities and technical nuances of the Defender XDR stack, Microsoft Defender for Endpoint, Microsoft Defender for Identity, Microsoft Defender for Office, Microsoft Defender for Cloud Apps, Microsoft Defender for Cloud, and the integration with Microsoft Sentinel. This technical session, tailored for cybersecurity professionals and IT practitioners, will provide an in-depth exploration of the latest features and enhancements across the Defender XDR suite as of 2024. From endpoint protection to cloud security, threat intelligence to incident response orchestration, this session will equip you with the knowledge and insights needed to harness the full power of the Defender XDR stack in defending against modern cyber threats.
Speakers
avatar for Gianni Castaldi

Gianni Castaldi

Kustoking and NinjaCat, KustoWorks
Gianni Castaldi is a NinjaCat @ KustoWorks, he started in IT in 2008 and in cybersecurity since 2017. His blogs can be read at kustoking.com and on medium.com/@giannicastaldiHe spends most of his time securing companies with the Microsoft Security Stack, Palo Alto Networks, and Tenable... Read More →
Mastering Microsoft XDR What is new in 2024 pptx
Thursday September 19, 2024 14:00 - 15:00 CEST
Clubraum 2
  Security, What's new

14:00 CEST

Seeing Through Data: A Purview into AI-Controlled Workflows
Thursday September 19, 2024 14:00 - 15:00 CEST
Clubraum 1
In today’s data-driven landscape, the ability to effectively manage and control data flows is crucial. "Seeing Through Data: A Purview into AI-Controlled Workflows" is a session designed to unlock the potential of AI within the realm of data management, using Microsoft Purview as a pivotal tool. Attendees will embark on an exploration of the AI Hub in Purview, gaining valuable insights into the integration and control of data across various platforms.
Speakers
avatar for Lothar Zeitler

Lothar Zeitler

Senior Product Manager, Microsoft
I am Senior Product Manager for Microsoft Purview. I am driving  DLP and Data Security and working closely together with our Enterprise customers across EMEA.
Thursday September 19, 2024 14:00 - 15:00 CEST
Clubraum 1
  Security

15:20 CEST

Enrich your Windows 11 MDE advanced hunting data with Sysmon
Thursday September 19, 2024 15:20 - 16:20 CEST
Clubraum 2
Defender for Endpoint is a superb data source for custom detections and the data can even be used to troubleshoot IT operations.
But as most of you are aware, MDE is also notoriously known for dedeplucating data and the dataset collected is defined by Microsoft.

If you want more flexibility Sysmon is an amazing data source for additional information and with the new Azure Monitor agent on Windows client devices the data ingestion into Microsoft Sentinel (Log Analytics) is easier than ever.

At the end of the session you will know how to implement the proposed solution, where you will find configurations to get started and what are the pitfalls in the current version.
Speakers
avatar for Fabian Bader

Fabian Bader

Cyber Security Architect, glueckkanja AG
Fabian Bader is a Cyber Security Architect and Microsoft MVP from Germany. He focuses on security and cloud solutions and works mainly with Microsoft technologies.From Azure cloud to on-premises Active Directory, he likes to automate stuff with PowerShell.Besides being a speaker at... Read More →
Enrich your Windows 11 MDE advanced hunting data with Sysmon pdf
Thursday September 19, 2024 15:20 - 16:20 CEST
Clubraum 2
  Security, Windows

15:20 CEST

Zero Trust - Zero Gap? Spotlight on (new) uncovered aspects of your CA design
Thursday September 19, 2024 15:20 - 16:20 CEST
Auditorium
Conditional Access is the heart of Microsoft's Zero Trust implementation as its policy enforcement engine and Microsoft introduces constantly new features to cover more and more use cases and integrations. This includes granular conditions and controls for specific authentication methods, restricted sessions and authentication flows but also new capabilities to re-trigger a policy evaluation.

In this session, we will discuss the latest features and their use cases and also challenges that you may not address in your current ruleset. Starting from automation for deployment, exclusion handling and gap monitoring, up to missing strong policy design to prevent rogue devices or protect privileged users.
Speakers
avatar for Thomas Naunheim

Thomas Naunheim

Thomas Naunheim is a Cyber Security Architect from Germany and with focus on identity and security solutions in Microsoft Azure. He is working for glueckkanja AG and part of projects to design and implement Microsoft cloud identity and security solutions in enterprise environments.You... Read More →
avatar for Christopher Brumm

Christopher Brumm

Cyber Security Architect, glueckkanja AG
I am a big fan of Microsoft Cloud Security products because there my two favorite topics Identity and Security work together in a unique way. I've been working in IT for quite a while and have almost 15 years of experience in IT security in various roles. At the moment I am a Cybersecurity... Read More →
WPNinja24 Zero Trust Zero Gap pdf
Thursday September 19, 2024 15:20 - 16:20 CEST
Auditorium
  Security, Zero-Trust

16:40 CEST

Defender for Endpoint on mobile: from Endpoint protection to Zero Trust Network Access
Thursday September 19, 2024 16:40 - 17:40 CEST
Auditorium
During this session you will learn about the three core capabilities of Defender for Endpoint for iOS and Android:
- Defender for Endpoint (Endpoint Protection)
- Microsoft Tunnel
- Microsoft Entra Private Access
You will learn about the various deployment and configuration options and how these impact the end user experience and behaviour.
I will share some notes from the field and tips and tricks how you can further streamline and enhance the deployment of the Defender app.
After you learned how you can deploy and configure MDE on mobile devices to work with the core capabilities, we will go into the subject of Conditional Access and how the signals from the Defender for Endpoint capabilities can support you in enhancing your mobile security posture using Compliance and network signals.
Speakers
avatar for Janic Verboon

Janic Verboon

Senior Endpoint Engineer, baseVISION AG
Endpoint Engineer with interests in everything Intune & Entra related, enjoys a good beer 🍺 and is a big fan of heavy & loud music 🤘
Defender for Endpoint on mobile from Endpoint protection to Zero Trust Network Access pdf
Thursday September 19, 2024 16:40 - 17:40 CEST
Auditorium
  Security, Defender for Endpoint

16:40 CEST

Plan you log ingestions to Microsoft Sentinel
Thursday September 19, 2024 16:40 - 17:40 CEST
Clubraum 2
One of the main reasons to decide to use Microsoft Sentinel, is the ability to connect additional log sources and expand your security coverage.
With literally hundreds of content hub solutions available and in many companies a nearly matching amount of data sources available, it's sometimes hard to decide on which to focus first.

In this session I will share my experience and best practices to prioritize and add new data sources, based on the actual needs of the security operations teams.
What are good ingestion configurations to get the alerts you want without having to spent a fortune?
Speakers
avatar for Fabian Bader

Fabian Bader

Cyber Security Architect, glueckkanja AG
Fabian Bader is a Cyber Security Architect and Microsoft MVP from Germany. He focuses on security and cloud solutions and works mainly with Microsoft technologies.From Azure cloud to on-premises Active Directory, he likes to automate stuff with PowerShell.Besides being a speaker at... Read More →
Plan you log ingestions to Microsoft Sentinel pdf
Thursday September 19, 2024 16:40 - 17:40 CEST
Clubraum 2
  Security, Logging
 
Share Modal

Share this link via

Or copy link

Filter sessions
Apply filters to sessions.
Filtered by Date - 
Clear filter
Monday, September 16
Tuesday, September 17
Wednesday, September 18
Thursday, September 19
Auditorium
Clubraum 1
Clubraum 2
Community stage
Deuxième
Expo hall and Luzerner terrasse
Expo hall, Luzerner Saal and Outside
Luzerner Saal
TBA
  • Community
  • ConfigMgr
  • General
  • Microsoft Intune
  • Security
  • Sponsor
  • Windows
  • Windows 365 / AVD
  • Session format
  • AMA
  • Breakout session (60 min)
  • Community
  • Gold Sponsor
  • Keynote
  • Platinum Sponsor
  • Sponsor
  • Subjects
  • 0
  • Android
  • Apple (iOS/macOS)
  • Automation
  • Autopilot
  • AVD
  • Azure AD
  • ChromeOS
  • Compliance
  • Conditional Access
  • Configuration Manager
  • Copilot
  • Endpoint Analytics
  • Endpoint Management
  • Identity
  • Linux
  • Microsoft Intune
  • MicrosoftXDR
  • Pac
  • Package Management
  • Security
  • Security Copilot
  • Sentinel
  • Windows 365
  • Windows Client OS
  • WUfB
  • Zero Trust
  • Level
  • Advanced
  • Expert
  • Intermediate
  • Area
  • #REF!
  • Microsoft
  • Popular