Hi [[ session.user.profile.firstName ]]

Zero Trust Access and IAM: How Security Is Changing in a Perimeter-Less World

The enterprise IT environment is becoming hybrid and distributed, with over 80% of enterprises adopting the cloud, mobile or remote workforce, and BYOD.

As a result, the network perimeter has dissolved, traditional solutions such as VPNs and DMZ can no longer provide the security, flexibility, and agility required for the current business needs and can no longer protect the organizations’ assets. To support the agility and security needs, the security architecture must shift its focus to the identity, device and applications levels rather than the network level.

Approaching this problem using the Zero Trust model is becoming more and more popular, as it allows organizations to enforce an easy to manage, secured, unified access policy regardless of where the users, devices or resources are located.

About the speaker:

Michael is an experienced entrepreneur and product executive leading Luminates’s product strategy and execution. Prior to joining Luminate, Michael was leading the product team for Aorato and successfully launched the product as Microsoft Advanced Threat Analytics, achieving wide enterprise customer application.
Recorded Nov 6 2018 41 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Michael Dubinsky | VP of Product at Luminate Security
Presentation preview: Zero Trust Access and IAM: How Security Is Changing in a Perimeter-Less World

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Step-By-Step Guide to Protecting Against Mimikatz DCShadow Recorded: Jun 27 2019 8 mins
    Darren Mar-Elia | Head of Product at Semperis
    The DCShadow attack exploits a switch in the Mimikatz utility that enables privileged users to inject malicious changes into Active Directory (AD) without detection. DCShadow takes advantage of native AD replication to avoid sending events to the AD security logs.

    Watch this video presentation to learn how to defend against this emerging threat. Detect rogue DCs, quickly roll back unwanted changes, and enrich event logs with unparalleled visibility.

    About the speaker:

    Darren Mar-Elia is a 14-year Cloud and Datacenter Microsoft MVP, Darren has a wealth of experience in Identity and Access Management and was the CTO and founder of SDM software, a provider of Microsoft systems management solutions.
  • OpenID Connect and WebAuthN – Strong Password-Less Authentication Recorded: May 31 2019 46 mins
    Gil Kirkpatrick | CTO at ViewDS
    OpenID Connect is the current standard when it comes to authentication and single sign-on. The new W3C Web Authentication standard (which evolved from FIDO) makes for a strong, easy-to-use, passwordless authentication in the browser a reality. The combination of the two technologies is an ideal approach for enterprise application developers whether on-premises or in the cloud. Gil discusses their inner workings and demonstrates how these standards work together.
  • Modernizing Customer Identity Journey’s with Azure AD B2C Recorded: Mar 14 2019 55 mins
    Allen Brokken | Azure Infrastructure Technical Solutions Professional at Microsoft
    Are you having challenges with different customer identities across service lines? Are you having challenges integrating Saas solutions to enhance your customer experience? Are your customers beginning to demand strong authentication as a part of their experience with your company? This presentation will describe the Modern Customer Identity journey including concepts such as: Sign­up; Profile Management; Sign-in across applications and providers; Multi-Factor Authentication and Password Reset. With that as a basis for discussion, we will then turn to a discussion of the Azure AD B2C platform, demonstrate it's capabilities and then provide best practices for adopting Azure AD B2C as an identity solution for your organization.

    About the speaker:

    Allen has 20+ years of experience in architecting and deploying identity and security solutions in large enterprises. He currently works with Microsoft helping customers architect secure and reliable cloud infrastructures. He has attained a number of industry certifications in cybersecurity and Microsoft technologies
  • Azure AD Conditional Access Deep Dive Recorded: Mar 14 2019 60 mins
    Joe Kaplan | Application Architect at Accenture
    Conditional Access is the feature of the Azure Active Directory platform that allows you to restrict access to applications and services based on a set of policies you apply. For example, you can allow access to resources based on the user's ability to perform multi-factor authentication, their device status, their location or the overall assessed risk of their login. In this session, we will do a deep dive on the mechanics of how the platform works including all of the conditions, the policy construction framework and the behavior of each type of condition during login. We will also touch on new and upcoming features that will greatly expand how Conditional Access can be used and administrated.

    About the speaker:

    Joe Kaplan is an identity architect in Accenture’s internal IT organization where he focuses on solving real-world problems for a large, complex business. Joe is a Microsoft MVP in Enterprise Mobility and is a co-author of the .NET Developer’s Guide to Directory Services Programming.
  • 10 Quick Identity Wins with Azure AD Recorded: Mar 14 2019 49 mins
    Brian Desmond | Principle at Ravenswood Technology Group
    Whether you’ve already purchased Azure AD Premium, or you’re thinking about it, you should have a plan to start using the services you’ve paid for. We’ll talk about ten easy wins that you can start taking advantage of without a ton of work. After this session, you’ll be equipped to start using Azure AD quickly, save money, and get measurable wins from your cloud identity investment.

    About the speaker:

    Brian is a Microsoft infrastructure expert who specializes in the implementation of Microsoft security, mobility, and infrastructure solutions. He is the author of two books on Active Directory and a Microsoft MVP for Enterprise Mobility.
  • 7 Tips for Securing Active Directory from Compromise Recorded: Mar 14 2019 68 mins
    Darren Mar-Elia
    In this talk, Darren will present practical steps you can take right away to help reduce the "attack surface" of your Active Directory environment He will show some of the most common ways that AD is exploited to help attackers move laterally, and show the top modifications you can make to AD to eliminate those pathways.
  • OpenID Connect and WebAuthN – Strong Passwordless Authentication Recorded: Mar 13 2019 33 mins
    Gil Kirkpatrick | CTO at ViewDS
    OpenlD Connect is the current standard when it comes to authentication and single sign-on, and the new W3C Web Authentication standard (which evolved from FIDO) makes strong. easy-to-use, passwordless authentication in the browser a reality. The combination of the two technologies is an ideal approach for enterprise application developers whether on-premises or in the cloud.
  • Next-level Security for OpenID Connect – Understanding Token Binding Recorded: Nov 7 2018 53 mins
    Gil Kirkpatrick | CTO at ViewDS
    We are gradually moving from a deep dependency on Kerberos to a more cloud-suitable authentication protocol in OpenID Connect. But OAuth2 and protocols that rely on it like OpenID Connect have some inherent security problems that allow token exfiltration and reuse. The new token binding RFCs provide a mechanism to mitigate these vulnerabilities. Learn how token binding works and how it will make your applications, both on prep and in the cloud, more secure.

    About the speaker:

    Gil is a long-time identity industry expert and Microsoft Directory Services/Enterprise Mobility MVP. He is well known for authoring numerous Active Directory articles and his work as the founder of the Directory Experts Conference.
  • Customer Journey for Securing Identity Infrastructure Recorded: Nov 7 2018 66 mins
    Nitika Gupta | Senior Program Manager at Microsoft
    In this session, you will learn about the top identity attacks Microsoft sees and understand how customers can protect against those attacks.

    About the speaker:

    Nitika is a program manager at Microsoft who specializes in protecting enterprises and consumers from cybercrime. She focuses on the security experiences for identity protection, conditional access, and multi-factor authentication.
  • Zero Trust Access and IAM: How Security Is Changing in a Perimeter-Less World Recorded: Nov 6 2018 41 mins
    Michael Dubinsky | VP of Product at Luminate Security
    The enterprise IT environment is becoming hybrid and distributed, with over 80% of enterprises adopting the cloud, mobile or remote workforce, and BYOD.

    As a result, the network perimeter has dissolved, traditional solutions such as VPNs and DMZ can no longer provide the security, flexibility, and agility required for the current business needs and can no longer protect the organizations’ assets. To support the agility and security needs, the security architecture must shift its focus to the identity, device and applications levels rather than the network level.

    Approaching this problem using the Zero Trust model is becoming more and more popular, as it allows organizations to enforce an easy to manage, secured, unified access policy regardless of where the users, devices or resources are located.

    About the speaker:

    Michael is an experienced entrepreneur and product executive leading Luminates’s product strategy and execution. Prior to joining Luminate, Michael was leading the product team for Aorato and successfully launched the product as Microsoft Advanced Threat Analytics, achieving wide enterprise customer application.
  • Rethinking MFA Recorded: Nov 6 2018 43 mins
    Hed Kovetz | CEO at Silverfort
    Multi-Factor Authentication has been around for decades, but still, 81% of data breaches involve the use of compromised passwords. Why do so many systems continue to rely on passwords, and what prevents us from implementing strong authentication for some of our most sensitive assets? We will examine how major changes in the technology landscape are challenging the effectiveness of current MFA solutions, and what can be done to secure corporate identities in this new reality.

    About the speaker:

    Head Kovetz is the CEO and co-founder of Silverfort, the provider of next-generation multi-factor authentication solutions. Prior to founding Silverfort, Hed served in product leadership positions at Verint, where he previously served as a group leader at the 8200 elite cyber unit of the Israel Defense Forces, where he received the unit’s excellence award and the Chief of Intelligence Corps Award for Innovation.
  • Identity Governance in a Hybrid Identity World Recorded: Nov 6 2018 41 mins
    Darren Mar Elia | Head of Product at Semperis
    In this talk, Darren will discuss the unique challenges and considerations customers need to think about when planning to extend their identity governance practice to hybrid identities and applications. These hybrid systems present new opportunities and pitfalls that could impact both security and regulatory areas. We’ll look at some of these pitfalls and present some ideas on how best to manage identity governance in this new complex hybrid world.

    About the speaker:

    A 14-year Cloud and Datacenter Microsoft MVP and founder of GPOGUY.com, Darren has a wealth of experience in identity and access management. Darren was CTO and founder of SDM software, a provider of Microsoft systems management solutions.
  • Inside Active Directory – API Level Recorded: Nov 6 2018 54 mins
    Christoffer Anderson | Directory Services Expert
    Learn and understand the internals of Active Directory and how things really work under the cover, Get familiar with core APIs and the directory database layer. What changed in Windows Server 2016 at the database layer and the core APIs to support expiring links features. In this session, you can expect a lot of live demos.

    About the speaker:

    Christoffer is a directory services expert and former Microsoft MVP, Christoffer has developed and released several tools to manage various features in Microsoft Windows and Active Directory, such as Fine Grain Policy Tool and ESEDump. He acts in the field as a consultant and a trainer where he is involved in large and complex Active Directory and Identity Management projects that involve design, deployments, delivering heath checks, and reviews.
  • Countering Identity Creep in a Hybrid-Cloud World Recorded: Nov 6 2018 33 mins
    Ben Johnson | Co-Founder at Obsidian Security
    As employees are granted more access and more privileges across an exploding hybrid-cloud surface area, identity creep is real. And even with the migration to the cloud, organizations are still usually on the hook for the IAM responsibilities and maintenance. For the past several years, the industry has been heavily focused on authentication, placing a small amount of attention on authorization, and has virtually ignored accounting. In this presentation, we’ll illustrate how shifting our focus towards authorization and accounting can help us improve our grasp on identity in the modern hybrid-cloud world.

    About the speaker:

    Ben is a prominent voice in cybersecurity, having co-founded and been CTO of both Obsidian Security and Carbon Black. Ben spent 7 years in the intelligence community as a computer scientist for NSA. He also sits on several cyber start-up boards, spent 2 semesters as a lecturer in the University of Chicago’s Masters in Computer Science program, and has spoken to over 600 organizations and given thought-leadership presentations in 15 countries.
  • Mimikatz for the Everyman Recorded: Nov 6 2018 48 mins
    Adam Driscoll & Lee Berg
    The exploitation of Active Directory and Windows security has become a lot easier since Mimikatz was developed. The tool is capable of a wide range of recon and exfiltration techniques. Even with all its capabilities, this command-line tool has a difficult syntax to master and the output is merely a wall of text. this session, we'll break down the features of Mimikatz and learn when and how to use them. Throughout the session, we'll take advantage of PowerShell functions that simplify the interaction with the Mimikatz binary and provide a structured output that blends well with other PowerShell cmdlets.
  • Operationalizing BloodHound’s Attack Graph for Defense Recorded: Nov 6 2018 49 mins
    Andy Robbins & Rohan Vazarkar
    Andy and Rohan share their progress on ope-rationalizing BloodHound’s attack graph that puts the power back in defenders’ hands.
  • Azure AD Password Protection:The Cloud Security Service your AD Needs Now Recorded: Nov 6 2018 51 mins
    Sean Deuby | Identity Architect at Edgile
    Microsoft has finally provided a service that secures the single most critical password-related security risk in the enterprise today: common passwords. Azure AD Password Protection protects both your on-premises Active Directory and your Azure AD accounts from simple and common passwords that are easily compromised in password spray attacks. In this session you'll learn about modern password policy recommendations from NIST and Microsoft, how Azure AD Password Protection works, and how to deploy it to protect your hybrid identity infrastructure. #deathto(common)passwords!

    About the speaker:

    Sean is a solutions architect for Edgile, where he focuses on Active Directory, Azure AD, and EM+S hybrid identity solutions. Before joining Edgile, Sean was a technical director at WindowsIT Pro where he has over 400 published articles.
  • Offline Attacks on Active Directory Recorded: Nov 6 2018 46 mins
    Michael Grafnetter | Premier Field Engineer at Microsoft
    Limiting access to domain controller hard drives has always been an important aspect of keeping Active Directory secure. However, this task has become more complex in today’s era of virtualization and cloud computing. In this session, we’ll discuss the endless possibilities that would open to malicious attackers and insiders by gaining read/write access to either a physical or virtual hard drive of a DC containing its ntds.dit database file. You’ll witness offline password resets, group membership changes, SID history injection, misuses of extracted DPAPI backup keys, or KDS root keys, and some naïve attempts to detect such actions.

    About the speaker:
    Michael is an expert in Active Directory security. He is the author of the DSInternals PowerShell module and Thycotic Weak Password Finer, tools used by security auditors and penetration testers worldwide. In the role of a security consultant, he has performed multiple security audits at large enterprises, mostly financial institutions. Michael is a former PowerShell MVP.
  • How to Secure Shared Social Media Accounts and Achieve SSO through Azure AD Recorded: Nov 6 2018 55 mins
    Jorge de Almeida Pinto | Lead Engineer at IAM Technologies
    Nowadays many companies have an online presence in most likely more than one social media to service and/or communicate with customers regarding all kinds of matters. Some well-known examples are Twitter, Facebook, Instagram and YouTube. Of course, other social media may exist specific to the business or a country. The main question is: how can you make sure those (shared) social media accounts are used in a secure manner by a group of people and still keep the bad guys out? The answer is: That's where Azure AD comes into the playing field! Come to this session to learn and see about experiences using the Azure AD solution. Yes, demos are included!

    About the speaker:

    Jorge has a very strong focus on and passion about Microsoft Identity & Access Management technologies, both on-premises and in the cloud. He blogs at, ‘Jorge’s Quest For Knowledge!’ and has been a Microsoft MVP for Identity and Access Management since 2006.
  • 10 Quick Identity Wins with Azure AD Recorded: Nov 5 2018 48 mins
    Brian Desmond | Principle at Ravenswood Technology Group
    Whether you’ve already purchased Azure AD Premium, or you’re thinking about it, you should have a plan to start using the services you’ve paid for. We’ll talk about ten easy wins that you can start taking advantage of without a ton of work. After this session, you’ll be equipped to start using Azure AD quickly, save money, and get measurable wins from your cloud identity investment.

    About the speaker:

    Brian is a Microsoft infrastructure expert who specializes in the implementation of Microsoft security, mobility, and infrastructure solutions. He is the author of two books on Active Directory and a Microsoft MVP for Enterprise Mobility.
tbd
tbd

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: Zero Trust Access and IAM: How Security Is Changing in a Perimeter-Less World
  • Live at: Nov 6 2018 11:35 pm
  • Presented by: Michael Dubinsky | VP of Product at Luminate Security
  • From:
Your email has been sent.
or close