Hi [[ session.user.profile.firstName ]]

How Tough Are You? Protecting Active Directory at All Costs

This session is based on a real-world, high-security scenario where security was highly prioritized. Christoffer will describe how he implemented a tier-based model in conjunction with physical security zones to protect core infrastructures such as Active Directory and PKI. He implemented technologies and concepts such as PAWs (Privileged Access Workstations), Smart Cards, Authentication Policies & Silos, IPSec, 802.1x. Demos will show the pitfalls of how easily an Enterprise PKI can become the weakest point when it comes to forest dominance. This session brings the reality of building up infrastructure and at the same time consolidate two nuclear power plants, hence the high level of security demand on the solution.

Christoffer Anderson is a Principal Advisor at Enfo. Directory Services expert and former Microsoft MVP, Christoffer has developed and released several tools to manage various features in Microsoft Windows and Active Directory, such as Fine Grain Policy Tool and ESEDump. He acts on the field as a consultant and a trainer where he is involved in large and complex Active Directory and Identity Management Projects, that involves Design, Deployments, Delivering Heath Checks and Reviews.

[CPE Credits] By attending this webinar, you are eligible for CPE Credits at some professional associations. Upon viewing the entire webinar, download your Viewing Certificate from BrightTALK which you can find on the right-hand side of the page.
Recorded Oct 20 2020 60 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Christoffer Andersson, Principal Advisor, Enfo
Presentation preview: How Tough Are You? Protecting Active Directory at All Costs

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Healthcare Security Fireside Chat: NIST, Identity, and Ransomware Nov 19 2020 5:00 pm UTC 60 mins
    Scott Breece, Community Health Systems CISO and Gil Kirkpatrick, Semperis Chief Architect
    No one can ignore the sharp uptick of hospitals victimized by ransomware. And in healthcare, the stakes are higher. Just last month, a 78-year-old patient at University Hospital Düsseldorf died after a ransomware attack crippled the hospital's IT systems and forced doctors to attempt to transfer her to another facility. It's clear just how physically dangerous cyberattacks can be, but there are no signs of attackers slowing down. Healthcare organizations, both large and small, are in the crosshairs because human collateral pays. All it takes is a user clicking on the wrong link to kick off a deadly campaign. So, what action can defenders take to avoid becoming a victim of ransomware?

    The Identity Defined Security Alliance (IDSA) provides the framework and practical guidance that helps organizations put identity at the center of their IT security strategy. In this fireside chat, Scott Breece, IDSA Advisory Board Member, and CISO at Community Health Systems, joins Gil Kirkpatrick, Chief Architect at Semperis, for a candid debate about yesteryear's best practices and how to push towards a safer tomorrow. Topics of conversation include the NIST Cybersecurity Framework, managing multiple identity systems in healthcare IT environments, and of course, ransomware.
  • Panel: Future Proofing Identity Security Recorded: Oct 28 2020 52 mins
    Julie Smith, Executive Director of Identity Defined Security Alliance (IDSA)
    Sean Deuby, host of HIP podcast, sits down with industry experts and a special guest, Julie Smith.

    Julie Smith is the Executive Director of the IDSA, responsible for executing the mission on behalf of the membership and the identity and security community. Throughout her career she has held various leadership roles in technology and solutions companies, including product management, product and solutions marketing and business development. Prior to joining the IDSA, Julie spent 12 years in the identity and security industry with leading vendors and solution providers.

    Siddharth Bhai is a Product Management Lead at Google Cloud. His current focus is to provide product leadership for managed security services, which streamline customer deployments and enable enterprises to focus on the best public clouds have to offer. He has been active in the Identity & Access Management space for over a decade and enjoys working with many Fortune 1000 & emerging companies. He has spoken about Identity & Access Management at major industry conferences, including Directory Experts Conference, Microsoft TechEd, and Google Cloud Next.

    Gil Kirkpatrick is the Chief Architect at Semperis. Gil has been building commercial products for enterprise IT for a very long time, focusing primarily on identity management and security-related products. He has been named a Microsoft MVP for Active Directory and Enterprise Mobility for each of the last 15 years, and is the author of Active Directory Programming, as well as the founder of the Directory Experts Conference.

    Host: Sean Deuby, 15-time Microsoft MVP and HIP Podcast Host. Sean brings 30 years’ experience in Enterprise IT and Hybrid Identity to his role as Director of Services at Semperis. An original architect and technical leader of Intel's Active Directory, Texas Instrument’s Windows NT network, and 15-time MVP alumnus, Sean has been involved with Microsoft identity technology since its inception.
  • New FIDO Authenticator Provisioning Solution for Enterprises Recorded: Oct 28 2020 38 mins
    Stephen Oh, CEO, TrustKey Solutions
    Recently, the industry has been moving away from using passwords since it is known to be the main cause for many security breaches. One of the best Passwordless solutions right now is FIDO2 authentication (called WebAuthn). WebAuthn is based on PKI (Public Key Infrastructure) cryptography technology to be simple, convenient and secure, and proven to be the most effective against phishing attacks. However, as FIDO tries to satisfy conflicting issues such as privacy protection vs maximum security, some FIDO2 features need to be improved for enterprise deployment and use. For example, many enterprises dealing with sensitive data need to ensure the FIDO authenticator is under the enterprise’s total management. In this talk, we present several critical enterprise issues including (1) enterprise attestation, (2) secure firmware control, (3) extended ROE (Restricted Operation Environment) and (4) biometric template integrity monitoring, and our new FIDO authenticator provisioning solution from holistic security approach.

    Stephen Oh is the founder and CEO of eWBM and TrustKey Solutions. eWBM is a fabless semiconductor company specialized in secure MCU (Microprocessor) and TrustKey provides passwordless login as well as revolutionary new IoT device provision solutions called Holistic Security Platform (HSP). eWBM’s secure MS500 is used for a variety of IoT and security applications including FIDO2 external authenticator for TrustKey Solutions, LoRa module, and Industrial IoT devices. Before founding eWBM in 2009, he was a vice president of Samsung Electronics, SLSI Business Unit, where his responsibility is AP (Application Processor) development and business. He was also involved with Gigabit Ethernet Standard (IEEE802.3ab) and ADSL standard (T1.413) while he was with National Semiconductor and Texas Instruments. He received his PhD/MSEE/BSEE from Purdue University.

    [CPE Credits] You are eligible for CPE Credits. Download your Viewing Certificate from BrightTALK.
  • Get the Most Out of Your Active Directory and Google Cloud Recorded: Oct 28 2020 61 mins
    Siddharth Bhai, Product Management Lead, Google
    Microsoft Active Directory is still the standard for authentication, authorization, and auditing of users, groups, and applications in Windows environments. In a multi-cloud world, well-configured access policies are more important than ever. How do you leverage the best of what Google Cloud has to offer while working with the realities of your current AD setup?

    Siddharth Bhai is a Product Management Lead at Google Cloud. His current focus is to provide product leadership for managed security services, which streamline customer deployments and enable enterprises to focus on the best public clouds have to offer. He has been active in the Identity & Access Management space for over a decade and enjoys working with many Fortune 1000 & emerging companies. He has spoken about Identity & Access Management at major industry conferences, including Directory Experts Conference, Microsoft TechEd, and Google Cloud Next. He loves connecting with industry professionals, during and outside of conference sessions.

    [CPE Credits] You are eligible for CPE Credits at some professional associations. Upon viewing the entire webinar, download your Viewing Certificate from BrightTALK.
  • Navigating a Hybrid World from a Device Management Perspective Recorded: Oct 28 2020 61 mins
    Guido Grillenmeier, Chief Technologist, DXC Technology
    Use the cloud, they say. So why don’t we just get rid of our on-prem AD and move everything to the cloud? Especially those computer accounts – should be easy. Ah … your app still needs that drive-letter mounted to your ancient file-service … and simply won’t start after installing the cumbersomely packaged app on a computer that is joined to your Azure-domain? Your user-settings are gone? Sorry … But at least OneDrive is easy to deploy and utilize – basically just enable it for all users … solves all storage problems on its own … until you use it with virtualized clients.  Sound familiar?  In this session, Guido will discuss the challenges most customers face when moving classic on-prem workplace services to the cloud, and how to solve them by properly combining the best of both worlds. 

    Guido Grillenmeier is a Chief Technologist within the Enterprise Services Group at DXC Technology, a company formed in 2017 from the Enterprise Services division of HPE and CSC. Based in Germany, Guido deals primarily with global Windows infrastructure deployments for large enterprise customers and has helped various customers to secure their Active Directory. Guido has often spoken at various technology conferences, including the original NetPro’s Directory Experts Conference (DEC), later called Quest Technical Experts Conference (TEC). He has also been a speaker at various other Microsoft-technology related conferences, such as Microsoft Tech-ED, IT Forum or Windows Connections. In his HP-days, he was part of the Advanced Technology Group and in this role has led the development and delivery for HP's Windows Server 2008 Academies to HP’s own Services division. Guido has been a Microsoft MVP for Directory Services for 11 years. Besides writing articles for technical magazines, Guido is also the co-author of “Microsoft Windows Security Fundamentals” (Digital Press).

    You are eligible for CPE Credits at some professional associations.
  • Securing the Future Now Recorded: Oct 28 2020 43 mins
    Chris Kubecka, CEO, HypaSec & Sean Deuby, Director of Services, Semperis
    Come on a journey in emerging tech and start planning a secure tech future. AI/ML, 5G, 6G, Chemical Printing, 4D Printing and designing a post-quantum world. Learn why it’s so important to fix our endless loop of cybersecurity now, or it won’t be 2020 that kills us but the dangerous tech.

    Chris Kubecka is the founder and CEO of HypaSec offering nation-state incident management, ethical hacking training in IT, IOT, ICS SCADA and expert advisory services to governments. Prior to HypaSec, she headed the Information Protection Group and international intelligence for the Aramco family. Re-establishing international business operations, helping to stabilize the oil market and implementing digital security after the company suffered from the world’s most devastating Shamoon cyberwarfare attacks which wiped out 85% of computer systems and over 35,000 Windows systems which deeply affected the countries of Saudi Arabia, Qatar and Bahrain. At Unisys, she helped halt the July 2009 second wave cyberwarfare attacks against South Korea during her time advising the company’s flagship customers Danone and Lloyds TSB. A USAF veteran, serving her country both as a military aviator and handling command and control systems for Space Command. Beginning her computer career at the age of five coding but was restricted from using computer systems from the age of ten until eighteen after hacking into the DOJ. Chris combines highly technical skills, ethical hacking, OSINT, strategy, leadership and governance expertise. Presenting at Europol, Interpol, national police, EU/NATO cyberwarfare exercises, DefCon, Black Hat, United Nations, Oxford, Cambridge, OWASP and BSides globally. Author of several technical, engineering and management courses and books Down the Rabbit Hole An OSINT Journey, Hack the World with OSINT and her upcoming book Hack the Galaxy with OSINT.

    [CPE Credits] You are eligible for CPE Credits. Download your Viewing Certificate from BrightTALK.
  • Panel: Hacking Identity Security Recorded: Oct 27 2020 59 mins
    David Raviv, Semperis
    Join the host David Raviv as he sits down with industry experts and a special guest, Wim van den Heijkant.

    Special Guest:
    Wim van den Heijkant is Co-Founder and Security Consultant at Fortigi and is passionate about Identity & Security. He has worked with clients in Fortune 500 companies and small start-ups across various industries ranging from financial services to critical infrastructure and government. Wim oversaw projects from design to implementation and aftercare in roles as an engineer, developer, architect, and recently CISCO. He's the founder of several IT companies and loves to coach young and eager IT consultants.

    Chris Roberts is Hacker in Residence at Semperis and is considered one of the world’s foremost experts on counter threat intelligence. With increasingly sophisticated attacks on targets of opportunity, Roberts’ unique methods of addressing the evolving threat matrix and experience with all information systems make him an indispensable partner to clients and industries that demand protection of financials, intellectual property, customer data, and other protected information from attack.

    Host:
    David Raviv is a Senior Technical Account Manager at Semperis. He began his career as an unmanned airplane pilot and officer in the Israeli Air force (IAF), and has worked at various startups including Proofpoint Inc., Optiv, and HYPR providing business and technical sales expertise. Along with passion for enterprise cyber technology and startups, he loves anything that comes with a remote control.

    In 2013, David founded the New York Information Security Meetup, the largest independent security group in the country hosting over 95 live events in NYC. The group now has over 5500 active members. In November 2019 David co-founded the cyber guild a non-for-profit 503C organization to promote work-force in Cyber Security.
  • Attacking and Defending AD Workshop Recorded: Oct 27 2020 49 mins
    Andy Robbins, Technical Architect, SpecterOps & Co-Creator, BloodHound + Darren Mar-Elia, VP of Product, Semperis"
    How do you defend Active Directory, aka the “keys to the kingdom,” if you don’t know where the attacks are coming from? Hackers constantly find new ways to break into AD. In this workshop, we’ll demonstrate real-world attacks that are frequently used against AD, including credential theft, Kerberos-based attacks, Group Policy-based attacks, and ACL attacks. The expert presenters will play out both perspectives: attacker and defender. This is a red vs. blue standoff, so don’t expect a bunch of slideware.

    During this workshop, we will demonstrate:
    -Ways that hackers can exploit AD in every stage of the cyber kill chain
    -Common AD hacking and discovery tools such as Mimikatz, PowerSploit, and BloodHound
    -Proactive steps to identify vulnerabilities in your AD configuration
    -Strategies to harden your AD so that hackers don’t have an easy path to Domain Admins

    Attacker:
    Andy Robbins is an active red teamer, Technical Architect at SpecterOpsan and co-author of BloodHound, a tool designed to reveal the hidden and unintended permission relationships in Active Directory domains. He has performed numerous red team operations and penetration tests against banks, credit unions, health-care providers, defense companies, and other Fortune 500 companies across the world. He has presented at DEF CON, BSides Las Vegas, DerbyCon, ekoparty, and actively researches Active Directory security. He is also a veteran Black Hat trainer.

    Defender:
    Darren Mar-Elia, VP of Product at Semperis. A 14-year Cloud and Datacenter Microsoft MVP, Darren has a wealth of experience in Identity and Access Management and was the CTO and founder of SDM software, a provider of Microsoft systems management solutions.

    [CPE Credits] You are eligible for CPE Credits. Download your Viewing Certificate from BrightTALK.

    Speakers:
    Andy Robbins, Technical Architect, SpecterOps &Co-Creator, BloodHound
    Darren Mar-Elia, VP of Product, Semperis
  • Windows Group Policy: Powerful Configuration Tool or Hacker’s Best Friend? Recorded: Oct 27 2020 58 mins
    Darren Mar-Elia, VP of Product, Semperis
    What started as a sleepy technology for efficiently configuring 1000s of Windows desktops and servers, has now become a gold mine for attackers looking to expose your security posture and leverage your GPOs as “malware delivery vehicles”.

    In this session, Darren Mar-Elia (the “GPOGUY”) will summarize the nearly 4 years of research he’s done on the various ways attackers are exploiting GP. More importantly, he will break down the key steps you can take to defend your Group Policy environment, and therefore your Windows environment, from abuse.

    During this workshop, we’ll demonstrate:

    -How attackers use Group Policy for reconnaissance
    -How attackers use Group Policy as a vector for malware
    -How you can configure your AD and GPOs to prevent abuse
    -Best practices for managing Group Policy with security in mind

    A 14-year Cloud and Datacenter Microsoft MVP, Darren Mar-Elia has a wealth of experience in Identity and Access Management and was the CTO and founder of SDM software, a provider of Microsoft systems management solutions. Prior to launching SDM, Darren held senior infrastructure architecture roles in Fortune 500 companies and was also the CTO of Quest Software. As a Microsoft MVP, Darren has contributed to numerous publications on Windows networks, Active Directory and Group Policy, and was a Contributing Editor for Windows IT Pro Magazine for 20 years.

    [CPE Credits] You are eligible for CPE Credits at some professional associations. Upon viewing the entire webinar, download your Viewing Certificate from BrightTALK.
  • Bypassing Azure AD Conditional Access Recorded: Oct 27 2020 55 mins
    Wim van den Heijkant, Co-Founder and Security Consultant, Fortigi
    The recent “hack” at the SANS Institute shows that Azure AD conditional access doesn’t protect you against all form of authentication. This presentation explores all the less known ways to authenticate and access resources protected by Azure AD. I will demonstrate how conditional access was bypassed as well as what you can do to monitor and restrict this kind of access.

    Wim van den Heijkant is Co-Founder and Security Consultant at Fortigi and is passionate about Identity & Security. He has worked with clients in Fortune 500 companies and small start-ups across various industries ranging from financial services to critical infrastructure and government. Wim oversaw projects from design to implementation and aftercare in roles as an engineer, developer, architect, and recently CISCO. He's the founder of several IT companies and loves to coach young and eager IT consultants.

    [CPE Credits] You are eligible for CPE Credits at some professional associations. Upon viewing the entire webinar, download your Viewing Certificate from BrightTALK.
  • Stealing Identities throughout the Ages Recorded: Oct 27 2020 58 mins
    Chris Roberts, Hacker in Residence, Semperis
    Stealing Identities Throughout The Ages… How Your Adversaries, Attackers and Nemeses Continue to Chase the Elusive Prize.

    The cybersecurity industry is not at a loss when it comes to cheesy castle analogies or quoting Sun Tzu whenever it gets the chance (keys to the kingdom, crown jewels, the art of war), you name it we’ve butchered it. But what if we took some time to look at the whole medieval warfare a little differently, ARE there actually lessons we CAN learn from all those who’ve gone before? Do we have something to use today that was true on the battlefield of yesteryear?

    I'd argue that taking some time to studying the techniques used by the Vikings, Mongols, Huns, and so on IS something we want to do. From an adversarial perspective, as well as those charged with defending the enterprise and those most prized digital assets, we CAN learn something from our hairy war-mongering ancestors.

    We'll attempt to chat about new and emerging cyberattacks without actually talking about ""cyber"" at all. We'll be making parallels between the Medieval world and our own to learn something, hopefully. Or, at the very least we’ll end up working out how far we can throw a Cisco or Palo Alto firewall with a trebuchet.

    Chris Roberts is Hacker in Residence at Semperis and is considered one of the world’s foremost experts on counter threat intelligence. With increasingly sophisticated attacks on targets of opportunity, Roberts’ unique methods of addressing the evolving threat matrix and experience with all information systems make him an indispensable partner to clients and industries that demand protection of financials, intellectual property, customer data, and other protected information from attack.

    [CPE Credits] By attending this webinar, you are eligible for CPE Credits at some professional associations. Upon viewing the entire webinar, download your Viewing Certificate from BrightTALK which you can find on the right-hand side of the page.
  • Panel: Hybrid AD Security Recorded: Oct 21 2020 59 mins
    Brian Desmond, Principal, Ravenswood Technology Group
    Join the host of the Hybrid Identity Protection podcast, Sean Deuby as he sits down with industry experts and a special guest, Brian Desmond.

    Special Guest: Brian Desmond is a Principal at Ravenswood Technology Group where he leads a team of professionals focused on delivering best-in-breed consulting services for the Microsoft security and identity management ecosystem. Brian was recognized annually as a Microsoft MVP for fifteen years and is the author of the fourth and fifth editions of Active Directory from O'Reilly. Brian is also a contributing author to Office 365 for IT Pros.

    Joe Kaplan is the Architecture and Strategy lead for Accenture's Identity and Access Management organization within internal IT. He focuses on solving real-world identity problems for a large, complex business. Joe is the co-author of the "".NET Developer’s Guide to Directory Services Programming"" and is a former Microsoft MVP in Enterprise Mobility + Security.

    Jorge de Almeida Pinto is a Lead Identity/Security Consultant working for IAMTEC with a very strong focus on and passion for Microsoft Identity, Security & Access Management technologies, either on-premises or cloud-based. He helps and guides organizations in architecting, designing, implementing, and maintaining secure solutions with a critical, positive, and goal-achieving mindset. He has received the Microsoft MVP Award every year since 2006.

    Host: Sean Deuby, 15-time Microsoft MVP and Hybrid Identity Protection Podcast Host. Sean brings 30 years’ experience in Enterprise IT and Hybrid Identity to his role as Director of Services at Semperis. An original architect and technical leader of Intel's Active Directory, Texas Instrument’s Windows NT network, and 15-time MVP alumnus, Sean has been involved with Microsoft identity technology since its inception. His experience as an identity strategy consultant for many Fortune 500 companies gives him a broad perspective on the challenges of today's identity-centered security.
  • Malware Mechanics: Understanding What You’re Defending Against Recorded: Oct 21 2020 55 mins
    Gil Kirkpatrick, Chief Architect, Semperis
    Today’s malware is stealthy, sophisticated, and can wreak havoc on your network. But most malware relies on a core set of tools and libraries that get the malware in the door, allow it to persist, gather credentials, move laterally through your network, and ultimately steal your data or encrypt your servers. Learn how these tools work, the APIs they use, and the sorts of vulnerabilities they exploit so you can be better armed in your battle against the bad guys.

    Gil Kirkpatrick is the Chief Architect for products at Semperis, a leading provider of cyber preparedness, incident response, and disaster recovery solutions for enterprise directory services on-premises and in the cloud. Gil has been building commercial products for enterprise IT for a very long time, focusing primarily on identity management and security-related products. He has been named a Microsoft MVP for Active Directory and Enterprise Mobility for each of the last 15 years, and is the author of Active Directory Programming, as well as the founder of the Directory Experts Conference. At Semperis Gil builds products to prevent, detect, and recover from cyber-attacks on enterprise hybrid identity environments. Gil speaks on cyber-security, identity, and disaster recovery topics at IT conferences around the world.

    [CPE Credits] You are eligible for CPE Credits at some professional associations. Upon viewing the entire webinar, download your Viewing Certificate from BrightTALK.
  • Taking a Large Organization Passwordless Recorded: Oct 21 2020 61 mins
    Joe Kaplan, Architecture and Strategy Lead, Accenture
    By now we've all heard about the security and usability benefits of the passwordless authentication future. We've heard about technologies that support passwordless authentication such as Windows Hello for Business, FIDO2, and device sign-in for the Microsoft Authenticator App. How would you go about actually taking your organization passwordless? In this session, we will go on a journey to discover how one large (.5M users) hybrid organization is doing just that. We will cover the technologies at a high level but focus more on the overall approach and the change management journey as we seek to fundamentally change how all of our users access their technology. We also will discuss the challenges around having passwords side-by-side with passwordless options and how we actually plan to eventually take passwords away completely once we really no longer need them.

    Joe Kaplan is the Architecture and Strategy lead for Accenture's Identity and Access Management organization within internal IT. He focuses on solving real-world identity problems for a large, complex business. Joe is the co-author of the "".NET Developer’s Guide to Directory Services Programming"" and is a former Microsoft MVP in Enterprise Mobility + Security.

    [CPE Credits] You are eligible for CPE Credits at some professional associations. Upon viewing the entire webinar, download your Viewing Certificate from BrightTALK.
  • Securing Your Legacy Apps with Cloud Identities Recorded: Oct 21 2020 59 mins
    Roelf Zomerman, Cloud Solutions Architect, Microsoft
    Join this session to see how you can provide secure access to your legacy applications, streamline, and modernize access to applications that support legacy authentication including Kerberos, Header based, and other protocols for your users and guests in Azure AD. This session will show you how to provide access to (on-premises) applications using Azure AD authentication, supporting FIDO2/WHfB/MFA/etc to provide increased security and a better end-user experience.

    Roelf Zomerman is a Microsoft Cloud Solution Architect, specialized in the architecture of complex solutions in Azure with an eye for hybrid solutions related to identities.

    [CPE Credits] You are eligible for CPE Credits at some professional associations. Upon viewing the entire webinar, download your Viewing Certificate from BrightTALK.
  • Account Hygiene: Fixing the Bad for the Good! Recorded: Oct 21 2020 68 mins
    Jorge de Almeida Pinto, Lead Identity/Security Consultant, IAMTEC
    Active Directory (AD) has been around for about two decades, and many organizations started using it as soon as it became available. Large organizations especially use Identity Management systems to manage the lifecycle of identities (user accounts, service accounts, computer accounts, and other account purposes). AD has evolved and with every new release of the OS, it became more secure. However, that does not mean you are automatically using all of the most secure account settings. It also does not mean you automatically stopped using the least secure account settings. What about passwords? Are your users using weak or compromised passwords, and how do you know? Do users own multiple accounts and are they sharing passwords across accounts they own, and how do you know? Weak settings and passwords (i.e. bad account hygiene) are what the bad guys need in order to take over your systems, accounts, and ultimately your AD through e.g. ""lateral movement"". Even with large organizations and with well-managed ADs, you'll be surprised by what you will see when you dig in. Although the best option is to go passwordless, or at least decrease password usage, that may not be a viable option for all organizations. So what can you do about all of this?
    Please join Jorge in this session where he will explain what can be done from a technical and process perspective.

    Jorge de Almeida Pinto is a Lead Identity/Security Consultant working for IAMTEC with a very strong focus on and passion for Microsoft Identity, Security & Access Management technologies, either on-premises or cloud-based. He helps and guides organizations in architecting, designing, implementing, and maintaining secure solutions with a critical, positive, and goal-achieving mindset. He has received the Microsoft MVP Award every year since 2006.

    [CPE Credits] You are eligible for CPE Credits at some professional associations. Upon viewing the entire webinar, download your Viewing Certificate from BrightTALK.
  • Staying Grounded on Security with Your Head in the Clouds Recorded: Oct 21 2020 48 mins
    Alex Weinert, Director of Identity Security, Microsoft & Sean Deuby, Director Of Services, Semperis
    Attackers love silo’ed thinking – vendor A *or* vendor b, on prem *or* cloud, security *or* productivity, as the strategy gaps that emerge provide perfect entry points into their targets. In this talk, we’ll look at how current attacks exploit the gaps, then look at how overlapped *and* strategies can disrupt attackers, reduce costs, and improve user experiences in your real world, multi-faceted deployments. The presentation will be followed by a fireside chat moderated by Sean Deuby, Director of Services at Semperis and host Hybrid Identity Protection Podcast.

    Alex is the Director of Identity Security at Microsoft. Billions of users sign in to millions of apps almost 20B times a day on our identity platform; the Identity Security team protects them from unauthorized access, account takeover, and abuse. If you have signed into Xbox, Skype, Outlook, Office 365, Azure, any number of our B2C sites or organizations using Azure AD, we’re the team standing between you and the hackers. In addition to detection, investigation, and response, ISP delivers Azure AD Identity Protection, Conditional Access, Multi-Factor-Authentication, and the Microsoft Authenticator app, as well as a host of enterprise and consumer account defense systems. Prior to his current role, Alex previously served in a variety of engineering and product management roles on products such as MSN, Visual Studio, Xbox, and Identity-related products like AD and FIM. Outside of work, Alex is passionate about interfacing with various humans, making stuff, sailing, and music.

    [CPE Credits] By attending this webinar, you are eligible for CPE Credits at some professional associations. Upon viewing the entire webinar, download your Viewing Certificate from BrightTALK which you can find on the right-hand side of the page.
  • Panel: Crisis Management Recorded: Oct 20 2020 51 mins
    Jules Okafor, CEO & Founder, RevolutionCyber
    Join Sean Deuby as he sits down with industry experts and a special guest, Jules Okafor.

    Juliet Okafor, J.D., is the CEO of RevolutionCyber and a Cybersecurity professional who has combined her knowledge of the legal system and Cybersecurity solution models into success stories across Fortune 500 industries throughout the USA. A passionate security solutions visionary and strategist, Juliet determines how to solve the company’s problem, be it vulnerability management, incident response or reducing the risk associated with technology or vendors, and then puts a plan into action. Juliet graduated from UMassAmherst with a B.A. in Communication, Fordham University with an M.A. in Public Communication and Media Studies and received her JD from Temple University.

    Kat Sweet secures the securers. She currently works on the product strategy team of Linux security startup Capsule8 as a technical evangelist. Previously, she was a security analyst at Duo Security, building out their multifaceted security operations program and hand-crafting many puns about zero trust. She keynoted the inaugural DevSecOps Days Austin and has spoken at several security conferences including LASCON, BSidesLV, CircleCityCon, and a handful of DEF CON villages, in addition to serving on the staff of BSidesLV since 2017. When she’s not in security mode you can find her bursting into song, picking unsuspecting locks, or dangling upside down.

    Guido Grillenmeier is a Chief Technologist within the Enterprise Services Group at DXC Technology. Based in Germany, Guido deals primarily with global Windows infrastructure deployments for large enterprise customers and has helped various customers to secure their Active Directory.

    Sean Deuby, 15-time Microsoft MVP and HIP Podcast Host and Director of Services at Semperis. An original architect and technical leader of Intel's Active Directory, Texas Instrument’s Windows NT network, and has been involved with Microsoft identity technology since its inception.
  • Six Horror Stories of Hybrid Identity Mismanagement Recorded: Oct 20 2020 62 mins
    Sander Berkouwer, Chief Technology Officer, SCCT
    The Microsoft documentation provides clear-cut decisive guidance for integrating Active Directory with Azure AD. This way, Hybrid Identity should emerge. Alas, at some organizations it didn't. Join this session to gain insights into the critical success factors that drive Hybrid Identity and the things that often get overlooked. Sander Berkouwer shares his views on these situations. Of course, this session covers how to avoid these situations yourself, so we all benefit. A true storyteller’s session on real-world events from a speaker with a twisted sense of humor. Be sure to check in!

    The Hybrid Identity implementations that Sander and his team have deployed for multiple organizations, including government ones, provide him with horror stories that are becoming ready to share, now that the hurting has stopped. How we found out that one of the Web Application Proxies was no longer active and why it never got patched after implementation. How we underestimated the impact of GDPR. How we ran 300% over budget for our project because we didn’t account for the Domain Controller upgrades and UPN Suffix renames at a customer. How we found out that ‘All Users’ in Azure AD also includes guest users. How we got a $4000/day bill, when an engineer accidentally enabled all user accounts in MFA Server, triggering an Azure MFA license for everyone in the organization. How our customer treated our Hybrid Identity implementation after we were asked to decommission the environment when the customer went bankrupt.

    Sander Berkouwer calls himself an Active Directory aficionado and has seen thousands of Active Directory and Azure Active Directory implementations in his career. Sander is a Dutch MCSE, MCITP, and MCT and has been a Microsoft Most Valuable Professional (MVP) on Directory Services and Enterprise Mobility for the last eleven years. He is also a Veeam Vanguard and VMware vExpert and writes a blogs on DirTeam.com and ServerCore.net.

    Eligible for CPE Credits.
  • How Tough Are You? Protecting Active Directory at All Costs Recorded: Oct 20 2020 60 mins
    Christoffer Andersson, Principal Advisor, Enfo
    This session is based on a real-world, high-security scenario where security was highly prioritized. Christoffer will describe how he implemented a tier-based model in conjunction with physical security zones to protect core infrastructures such as Active Directory and PKI. He implemented technologies and concepts such as PAWs (Privileged Access Workstations), Smart Cards, Authentication Policies & Silos, IPSec, 802.1x. Demos will show the pitfalls of how easily an Enterprise PKI can become the weakest point when it comes to forest dominance. This session brings the reality of building up infrastructure and at the same time consolidate two nuclear power plants, hence the high level of security demand on the solution.

    Christoffer Anderson is a Principal Advisor at Enfo. Directory Services expert and former Microsoft MVP, Christoffer has developed and released several tools to manage various features in Microsoft Windows and Active Directory, such as Fine Grain Policy Tool and ESEDump. He acts on the field as a consultant and a trainer where he is involved in large and complex Active Directory and Identity Management Projects, that involves Design, Deployments, Delivering Heath Checks and Reviews.

    [CPE Credits] By attending this webinar, you are eligible for CPE Credits at some professional associations. Upon viewing the entire webinar, download your Viewing Certificate from BrightTALK which you can find on the right-hand side of the page.
Identity-Driven Cyber Resilience
Semperis is the pioneer of identity-driven cyber resilience for cross-cloud and hybrid environments. The company provides cyber preparedness, incident response, and disaster recovery solutions for enterprise directory services—the keys to the kingdom. Semperis’ patented technology for Microsoft Active Directory protects over 40 million identities from cyberattacks, data breaches, and operational errors. Semperis is headquartered in New York City and operates internationally, with its research and development team distributed between San Francisco and Tel Aviv.

Semperis hosts the award-winning Hybrid Identity Protection conference. The company has received the highest level of industry accolades; most recently being named Best Business Continuity / Disaster Recovery Solution by SC Magazine’s 2020 Trust Awards. Semperis is accredited by Microsoft and recognized by Gartner.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: How Tough Are You? Protecting Active Directory at All Costs
  • Live at: Oct 20 2020 4:00 pm
  • Presented by: Christoffer Andersson, Principal Advisor, Enfo
  • From:
Your email has been sent.
or close