Session Abstract

Deploying Defender and Sentinel is easy, but how do you deploy it according to best practices, connect it to the correct products and integrate it within your environment? This session walks through a sample architecture and showcases some of the design decisions Thijs and Robbe have made in their own Security Operations Center and what kind of issues they have run into. They will cover multi-tenant setups, Lighthouse authentication, ITSM integration and automation using Logic Apps, Azure Functions, API Management and Azure DevOps

Robbe Van den Daele

I'm Robbe, an information security professional driven by a genuine passion for my work. My focus lies in Cloud Security, Purple Teaming, Microsoft Security Solutions, and the powerful MITRE ATT&CK framework. With a strong foundation in computer science, I've delved into the intricacies of information security, mastering technical aspects and procedural complexities. Cloud security became my niche, where I secure data, design resilient architectures, and implement robust measures. As a purple teamer, I excel at detecting and mitigating cybersecurity threats, identifying vulnerabilities, and fortifying defenses. I've embraced the invaluable MITRE ATT&CK framework, consulting organizations on understanding adversaries and strengthening their security posture. I'm driven by a thirst for knowledge, constantly staying ahead of industry trends through engagement with information security communities, conferences, and continuous learning.