Endpoint analytics is a built-in and free Microsoft Intune feature that provides organizations with meaningful metrics and insights for measuring the quality of the end-user experience from Windows devices. In the session we will cover how easily you can implement it and what information it will provide you. Also, you’ll learn how to use the data in your own solutions.
Advanced Analytics, which requires an additional license, enhances Endpoint analytics by providing the following key features: - Anomaly detection: discovers workstation issues that easily are unnoticed and provides information about the common characteristics from the problem devices. One example would be devices which have bluescreens and what might be the real reason behind the issue (like a specific driver). - Enhanced device timeline provides key information about major operations on a specific device. Especially useful while diagnosing issues when you know what has happened on a device. - Device query allows you to run KQL queries against a device in real time to see what the current state is.
The session covers the latest updates of both services and gives you real-life examples how you can benefit from Endpoint analytics and/or Advanced Analytics.
ProTrainIT Oy, MVP - Enterprise Mobility, ProTrainIT Oy
Panu Saukko is a consultant and trainer at ProTrainIT and is based in Finland. He has over 20 years of experience working with Microsoft technologies and has been MVP for 16 years. Panu has worked with Microsoft’s management products over 20 years. He has created training courseware... Read More →
Join Johan Arwidmark for a technical refresher on the Windows Autopilot changes in the last years. You will learn about common gotchas and workarounds, as well as what configuration you can make to improve Windows Autopilot reliability.
Johan Arwidmark is the Technical Fellow with 2Pint Software, specializing in Systems Management and Enterprise Windows Deployment Solutions. Johan also speaks at several conferences each year, including MMS and Ignite events around the world. He is actively involved in the deploymentresearch.com... Read More →
Identity is the most critical aspect of security. Ensuring that users are who they claim to be is vital. Today, usernames and passwords alone are insufficient. Although Multifactor Authentication (MFA) mitigates some risks associated with standard credentials, digital certificates are a better choice. Organizations can improve their security posture by adopting strong, phishing-resistant credentials in digital certificates by implementing Microsoft Entra Certificate-Based Authentication (CBA).
Richard Hicks is the founder and principal consultant at Richard M. Hicks Consulting, Inc. A Microsoft Most Valuable Professional (MVP) with more than 25 years of experience implementing secure remote access and public key infrastructure (PKI) solutions, he is a widely recognized... Read More →
Join Greg for an insightful session on integrating Intune with ServiceNow using Out-of-the-Box connectors. Key Takeaways: Setting Up the Lab Environment: Step-by-step guidance on preparing your lab for Intune and ServiceNow. ServiceNow Connector for Intune: Learn how to configure and utilize this connector to view ServiceNow tickets directly within Intune. Service Graph Connector for Intune: Discover how to set up and use this connector to access Intune data within ServiceNow. Greg's session on Monday will focus on out-of-the-box connectors, while Greg's session on Wednesday will focus on building an integration leveraging Graph and Logic Apps.
Dell Distinguished Engineer and Enterprise Architect, Microsoft MVP, Dell technologies
Greg Ramsey is a Senior Distinguished Engineer at Dell Technologies, and a Microsoft MVP in Enterprise Mobility. He has a B.S. in Computer Sciences and Engineering from The Ohio State University and has co-authored many books over the years. Greg is a co-founder of the Ohio SMS Users... Read More →
In this session we will cover how organizations are using Defender for Office 365 to detect and respond to new and emerging collaboration threats including phishing and BEC. We will walk through how SOC teams can be more effective and efficient using the power of XDR as well as build user resilience to new and emerging threats.
Leading teams on our vision and delivery of enterprise security focused solutions for our M365 customers. Driving rapid improvements in end users and security teams' resilience to emerging threats through automation in awareness, detection, investigation and response.
Join us for a session with two experts in transitioning to cloud-native device management. Learn about their journey from managing on-premises devices to using Intune for cloud-based management. Is the transition smooth? Can it save costs? Understand why this shift is important and get valuable insights.
Discover the challenges they faced and learn best practices, tips, and tricks for a successful transition. Don't miss this chance to upgrade your device management strategy.
Modern workplace architect - Mindcore | Microsoft MVP, Mindcore
Mattias Melkersen is a community driven and passionate modern workplace consultant with 18 years’ experience in automating software, driving adoption and technology change within the Enterprise. He lives in Denmark and works at Mindcore.He is an Enterprise Mobility Intune MVP, Official... Read More →
Microsoft MVP, Senior Architect End User Computing, Ericsson
Nickolaj specializes in Enterprise Mobility and Security, Windows deployments and automation. Additionally, he has extensive experience with planning, implementing and migrating Microsoft Endpoint Manager environments on a global scale. Nickolaj has also been awarded as PowerShell... Read More →
Looking to ease your way into entrusting our new AI overlords with running your life? Start by letting the machines deploy your patches. In this session we'll dive deep into automating your patching, common pitfalls, and common arguments against automation. We'll focus on how to achieve this via ConfigMgr ADRs while comparing other patching technologies such as Intune's Autopatch and Azure Update Automation.
If nothing else, we'll help you get a few years of letting the machines patch your devices before they decide they don't need us anymore.
I've spent over 15 years as a system administrator, most recently at a large Midwest supermarket using Configuration Manager. I'm active in the online support communities and most days you'll find me on the SCCM subreddit or the WinAdmin's Discord channel.
From rebuilding ransomware victims to managing large-scale enterprises to implementing security compliance frameworks. Jordan has seen some strange things in the industry.Jordan has been a Microsoft MVP for four years and has worked in a number of different industry verticals, including... Read More →
David James is the VP of engineering at Patch My PC and runs their engineering operations. He was previously the director of engineering at Microsoft for MEMCM. A short bio stolen from another site:Studied Computer Engineering and Music Theory/Composition at University of Utah.Joined... Read More →
What do we mean when we say that we are unifying Windows Update for Business & Windows Autopatch? Come along to understand why we made this decision, and where we plan to take the management of Windows updates
John Vintzel is a Principal Manager of Product Management for the Windows Servicing Division at Microsoft. He is leading up Windows Autopatch effort. A Microsoft veteran since 2008, John has previously worked as Product Manager as part of the Configuration Manager and Intune teams... Read More →
Harman Thind works as a Senior Product Manager for the Windows Servicing and Delivery division, focusing on Windows Autopatch. In his role at Microsoft, he works on features such as Windows Autopatch UX in Intune, device and tenant registration and alerting reports to address update... Read More →
This demo-based session explores the potent collaboration between OpenAI and Copilot for Security.
Discover how the fusion of artificial intelligence is revolutionizing threat detection, response strategies, and proactive risk mitigation.
The session contains following topics: - How AI used by attackers - How Copilot for Security works - Setting up security using with AI - Detect threats with the AI-assistant - Give a quick and informative AI-driven response - A few words about licensing
Sergey Chubarov is a Security and Cloud Expert, Instructor with 15+ years' experience on Microsoft technologies.His day-to-day job is to help companies securely embrace cloud technologies.He has certifications and recognitions such as Microsoft MVP: Security, OSCP, OSEP, eCPPT, eCPTX... Read More →
This session will provide a comprehensive introduction to tabletop cybersecurity exercises, focusing on their importance, design, and execution. Participants will gain insights into the benefits of conducting tabletop exercises, including improved incident response readiness, enhanced communication and coordination among stakeholders, and identification of gaps in policies and procedures. Practical guidance will be provided on structuring exercises to align with organizational objectives, selecting relevant scenarios, and engaging participants effectively.
Stefan Schörling has over 25 years of experience from working with Cybersecurity.Today Stefan is helping customers to be successful with implementing and adopting Cloud Security with a focus on Azure and Microsoft 365.For the last 15+ years he has been awarded as a Microsoft MVP... Read More →
Incident Response Specialist with focus on Threat hunting in the Microsoft defense stack.Cyber Security consultant and Threat HunterResearching vulnerabilities when not working for customers.MSRC Security Research Acknowledgement (2018,2022,2023)CVE-2022-26788Speaker:Teamsdagen 2023... Read More →
Intune and MSGraph have a lot of data about your estate and the status of your environment. ServiceNow is the tool that many organizations use to handle CMDB, Tickets, and more. In this session, we will show you how to connect these two worlds to enable you to enrich your data in Service Now and automate actions.
What you will learn: - How to get the right data in front of your service desk to help them resolve issues faster - Trigger automation using MS Graph to resolve (or at least enrich) ServiceNow tickets - How to build a custom Logic Apps Connector!
PS: The thinkings in this session might not only apply to ServiceNow
Dell Distinguished Engineer and Enterprise Architect, Microsoft MVP, Dell technologies
Greg Ramsey is a Senior Distinguished Engineer at Dell Technologies, and a Microsoft MVP in Enterprise Mobility. He has a B.S. in Computer Sciences and Engineering from The Ohio State University and has co-authored many books over the years. Greg is a co-founder of the Ohio SMS Users... Read More →
What if we had a simple, low-cost AI solution that can help Intune admins? Call it "AI for Intune"
Come see how we've built an AI assistant that helps us to find what policies or settings we need to configure on managed endpoints, based on the Intune documentation. We will show you how you can do it yourself for the cost of a coffee or less, and particularly, how to avoid AI from messing with your tenant and devices 😉
ProTrainIT Oy, MVP - Enterprise Mobility, ProTrainIT Oy
Panu Saukko is a consultant and trainer at ProTrainIT and is based in Finland. He has over 20 years of experience working with Microsoft technologies and has been MVP for 16 years. Panu has worked with Microsoft’s management products over 20 years. He has created training courseware... Read More →
It is not easy to keep up when both cyber security threats and products evolve at light speed. Throw into the mix cyber security insurance and increased regulations, and you get a potentially explosive cocktail that requires just a little more than configuring a few security products. In this session, Michael will guide you through how to create, maintain and implement a security strategy that will help you do the right thing at the right time.
Michael Van Horenbeeck is an expert in Cloud Security, Compliance, and Identity Management, holding both the Microsoft Certified Solutions Master (MCSM) certification and the Microsoft Most Valuable Professional for Security (MVP) award simultaneously.As CEO and Sr. Architect at The... Read More →
Wednesday September 18, 2024 10:40 - 11:40 CEST
Clubraum 2
With current OS deployment solutions falling out of favor or out of support, it's time to start something new but familiar. Whether you are using Intune, CM, MDT, or other bare metal solutions this session is for you. In this session, we'll show you the 2Pint way of doing OS deployments and bare metal imaging.
Michael Niehaus is a Programme Director and Master Inventor at 2Pint Software, working on device management and OS deployment technologies. Previously, Michael spent 16 years at Microsoft working on MDT, Windows as a Service, Windows Autopilot, and related management and deployment... Read More →
Learn how to transition from a siloed approach to a cohesive, risk-based cloud security model. This session covers the complete security lifecycle, from posture management to workload protection, across multi-cloud environments. Discover how CNAPP helps Microsoft protect against multi-vector attacks and ensures end-to-end security through the SDLC and runtime. Join this demo session to explore the latest CNAPP use cases and scenarios, and the integration of XDR and exposure management with Microsoft Defender for Cloud.
Lior Arviv is a Senior Product Manager on the Defender for Cloud team, with over 15 years of experience in Microsoft technologies, particularly in cloud services and security. Passionate about innovation, Lior is dedicated to developing products that simplify complex challenges and... Read More →
As organizations increasingly adopt Internet of Things (IoT) devices, ensuring their security becomes paramount. Microsoft Defender for IoT offers a multi-layered defense approach, combining agentless monitoring via passive network traffic analysis (NTA) with endpoint micro-agents. In this session, we’ll delve into the architecture, deployment strategies, and real-world use cases of Defender for IoT. Join us to learn how to protect your IoT devices effectively and enhance your overall security posture.
Alain (Al) Schneiter is one of the scopewyse founders and an Microsoft Secuirty MVP. As an experienced solutions architect he is supporting clients and partners in training, concepts, designs and implementations using cloud solutions from Microsoft Azure and Microsoft 365. Alain is... Read More →
Thursday September 19, 2024 08:00 - 09:00 CEST
Clubraum 2
Product Manager - Copilot for Security - Microsoft, Microsoft
I am a Product Manager with a keen focus on Copilot for Security. My expertise in this domain has been central to spearheading advancements and delivering robust cybersecurity solutions. I am deeply invested in understanding the intricacies of the security landscape and am committed... Read More →
Thursday September 19, 2024 09:20 - 10:20 CEST
Clubraum 2
OSDCloud is a Community developed Cloud OS Deployment solution for deploying Windows from the Cloud.
Not everyone installs Windows en-US. Akos has deploying Windows using OSDCloud for customers based on their needs. This requires customization of the OSDCloud WinPE Boot Image by inecting PowerShell Scripts, or creating and storing PowerShell Scripts in the Cloud that can be updated at any time.
Microsoft MVP PowerShell | Software Product Manager, HP
During the day, I'm a Software PM for HP in Houston working on a PowerShell Script Project, and outside of business hours, I find time to work on OS Deployment. I've been a Microsoft MVP in PowerShell for 3 years and have enjoyed being able to build some really cool things that have... Read More →
Last 1,5 year we were faced with a new advanced phishing technique, called adversary-in-the-middle. This is an advanced method to bypass multiple forms of MFA.
In this session Kenneth and Erik we do a deep dive into this topic.
First of alll we start with a small demo of the AiTM case
Then we will go through our options to fight this by using differente strategies like implementing phising resistant MFA methodes or using simple Conditional Access policies, or advanced Entra ID P2 Protection methods.
After this session you will have enough information to stop this attack in several ways each with it's own advangtages and drawbacks.
As a Microsoft 365 Modern Workplace consultant I help customers implement modern workplace solutions based on top of theirMicrosoft 365 licensing, leveraging products like Microsoft Intune, Microsoft Entra, Microsoft Defender, Exchange Online, Microsoft Teams, Microsoft SharePoint... Read More →
Let's delve into the advanced capabilities and technical nuances of the Defender XDR stack, Microsoft Defender for Endpoint, Microsoft Defender for Identity, Microsoft Defender for Office, Microsoft Defender for Cloud Apps, Microsoft Defender for Cloud, and the integration with Microsoft Sentinel. This technical session, tailored for cybersecurity professionals and IT practitioners, will provide an in-depth exploration of the latest features and enhancements across the Defender XDR suite as of 2024. From endpoint protection to cloud security, threat intelligence to incident response orchestration, this session will equip you with the knowledge and insights needed to harness the full power of the Defender XDR stack in defending against modern cyber threats.
Gianni Castaldi is a NinjaCat @ KustoWorks, he started in IT in 2008 and in cybersecurity since 2017. His blogs can be read at kustoking.com and on medium.com/@giannicastaldiHe spends most of his time securing companies with the Microsoft Security Stack, Palo Alto Networks, and Tenable... Read More →
Defender for Endpoint is a superb data source for custom detections and the data can even be used to troubleshoot IT operations. But as most of you are aware, MDE is also notoriously known for dedeplucating data and the dataset collected is defined by Microsoft.
If you want more flexibility Sysmon is an amazing data source for additional information and with the new Azure Monitor agent on Windows client devices the data ingestion into Microsoft Sentinel (Log Analytics) is easier than ever.
At the end of the session you will know how to implement the proposed solution, where you will find configurations to get started and what are the pitfalls in the current version.
Fabian Bader is a Cyber Security Architect and Microsoft MVP from Germany. He focuses on security and cloud solutions and works mainly with Microsoft technologies.From Azure cloud to on-premises Active Directory, he likes to automate stuff with PowerShell.Besides being a speaker at... Read More →
One of the main reasons to decide to use Microsoft Sentinel, is the ability to connect additional log sources and expand your security coverage. With literally hundreds of content hub solutions available and in many companies a nearly matching amount of data sources available, it's sometimes hard to decide on which to focus first.
In this session I will share my experience and best practices to prioritize and add new data sources, based on the actual needs of the security operations teams. What are good ingestion configurations to get the alerts you want without having to spent a fortune?
Fabian Bader is a Cyber Security Architect and Microsoft MVP from Germany. He focuses on security and cloud solutions and works mainly with Microsoft technologies.From Azure cloud to on-premises Active Directory, he likes to automate stuff with PowerShell.Besides being a speaker at... Read More →