I'm Robbe, an information security professional driven by a genuine passion for my work. My focus lies in Cloud Security, Purple Teaming, Microsoft Security Solutions, and the powerful MITRE ATT&CK framework. With a strong foundation in computer science, I've delved into the intricacies of information security, mastering technical aspects and procedural complexities. Cloud security became my niche, where I secure data, design resilient architectures, and implement robust measures. As a purple teamer, I excel at detecting and mitigating cybersecurity threats, identifying vulnerabilities, and fortifying defenses. I've embraced the invaluable MITRE ATT&CK framework, consulting organizations on understanding adversaries and strengthening their security posture. I'm driven by a thirst for knowledge, constantly staying ahead of industry trends through engagement with information security communities, conferences, and continuous learning.
Deploying Defender and Sentinel is easy, but how do you deploy them according to best practices, connect them to the correct products and integrate them within your environment? This session walks through a sample architecture and showcases some of the design decisions Thijs and Robbe have made in their own Security Operations Center and what kind of issues they have run into. They will cover multi-tenant setups, Lighthouse authentication, ITSM integration and automation using Logic Apps, Azure Functions, API Management and Azure DevOps.
Discover how the Microsoft security solutions you probably already rely on today can help you get more visibility into your corporate networks. In this session, we’ll delve into the powerful capabilities of Defender XDR, showcasing how built-in insights can be extended to build a deeper understanding of your corporate networks, both to identify possible security misconfigurations and to detect network-related threats.
In this session, we delve into the complexities of implementing Microsoft Sentinel's Security Orchestration, Automation, and Response (SOAR) solutions, focusing on automatic isolation scenarios with both Defender XDR and On-Premise Network Solutions. We will cover multiple practical scenarios, and discuss the different strategies you can use for each of them.
In today's dynamic threat landscape, adversaries increasingly target tokens over passwords. Join me in this interactive session, where I delve into the functionality and use cases of tokens. I will explore the inner workings of different tokens, how they enable Single Sign-On (SSO) in your environment, and contain permission and authentication claims. Throughout the session, I will provide a hands-on demonstration of real-life examples of token theft, shedding light on the evolving tactics employed by cyber adversaries.
Key Session Highlights:
Token Functionality: Gain insights into how tokens function, with a focus on access tokens and their role in facilitating SSO within your environment.
Real-Life Examples: Witness practical demonstrations of token theft scenarios, illustrating the potential risks and vulnerabilities associated with this form of attack.
Proactive Measures: Discover proactive measures and detection strategies against token-centric attacks. Learn how organizations can fortify their defenses to mitigate the risks posed by token compromise.
Don't miss this opportunity to enhance your understanding of token security, uncover potential threats, and explore effective defense strategies against evolving cyber threats.
In this session, we will explore advanced network detection strategies by leveraging the combined power of Microsoft Defender for Endpoint and Global Secure Access. Learn how these tools work together to provide comprehensive security coverage, enhancing your ability to detect and respond to threats across both cloud and on-premise environments. We’ll discuss integration techniques, share best practices, and present real-world examples to illustrate the effectiveness of this unified approach.