Name: How Misconfigured Hybrid Identity Setups Can Compromise Cybersecurity
Start: 2025-05-19T18:49:00Z
End: 2025-05-19T18:49:40.000Z
Location: BrightTALK
Rating: 0

A leading identity security partner to public- and private-sector clients, MajorKey provides advisory, deployment & integration services, and managed operations across workforce, privileged, customer, and governance solutions for identity security. 

Our team of identity security experts produces webinars and podcasts a few times a month, covering industry news, opinions, and trending topics in the identity security space. We often partner with CyberArk, Microsoft, Ping Identity, SailPoint, & Saviynt. 


Today’s organizations often rely on mature legacy identity governance platforms. Transitioning to a modern identity platform can be complex, requiring confidence, strategy, and the right tools.  

In this webinar, Field CISO Brandon Nolan will introduce Oxford Computer Group’s Identity Exchange (IdX), a powerful extension platform designed to address critical identity challenges to ensure a smooth migration.  

Built to enhance Microsoft Entra ID Governance, IdX simplifies the transition of your complex, custom line-of-business applications and integrations. It helps you fully unlock the value of your Microsoft Entra investment by resolving issues from legacy integrations, simplifying complex workflows, and reconciling conflicting data across sources. IdX  removes identity roadblocks every step of the way.  

Brandon covers: 

- The capabilities of IdX and how it extends the capabilities of Microsoft Entra 
- How IdX fits into your identity strategy 
- IdX client success stories with measurable results 

Discover how IdX can solve your toughest challenges and accelerate your path to a modern identity strategy.

Creating Transformative Identity Governance Solutions with Microsoft Entra Suite

Identity and Access Management has long been treated like insurance by the C-Suite – necessary, but uninspiring. Viewed as a cost of doing business, rather than way to transform your business.

By building an identity program around business outcomes instead of technology deliverables, you can start selling it to your leadership team. 

In this webinar we’ll show you can begin defining the business value of an IAM program so you can build leadership support, budget protection, and get the freedom to start executing.

What you'll learn:

• How to define the business value of IAM functions
• How to create common definitions in order to map business value across internal departments
• How to create champions for your IAM program
• Real examples of how IAM creates meaningful value for HR and marketing teams
• The growing role of AI in creating value from IAM

Who Gives a Sh*t About Identity Security – How to Create Business Value from IAM

Learn how Microsoft Entra Verified ID can provide continuous identity proofing for individuals interacting with your organization.

When dealing with hybrid work scenarios and large distributed organizations, confirming who you are engaging with becomes ever more critical. One way to ensure the identity and/or role of an individual is with the use of Verified IDs. These digital IDs can verify criteria such as employment, identity, or certifications.

In this webinar recording, we examine common use cases for Verified IDs, including improved proofing for onboarding, help-desk scenarios, and partner engagement.

Principal Architect Mark Riley also covers:

- Introduction to Microsoft Entra Verified ID
- What does proofing do? What doesn’t it do?
- Using Verified ID for various rules
- How does Verified ID improve your organization’s security?

Using Microsoft Entra Verified ID for Identity Proofing of Partners, Customers, and Employees

Azure AD Group Writeback is a feature we and our Microsoft Identity Manager (MIM) customers have been looking forward to implementing - and now it’s in public preview! Azure AD groups can now sync to on-premises Active Directory. Even better, if you are running an Azure AD Premium license (like most of our customers), you’ll be licensed to use it.

Adding group writeback to Azure AD Connect gets organizations a lot closer to eliminating the need for MIM, specifically the MIM Portal. Moving group management from MIM to the cloud will reduce processing time, reduce your on-premises footprint, and move your organization closer to a zero trust security architecture.

Implementing group writeback allows for Azure AD and AD security groups to be managed in one location. Additionally, using Azure Identity Governance can improve security by providing attestation of on-premises AD security groups.

Presented by Architect Nathan Mertz, this webinar covers how to move your MIM group functionality to Azure AD, while at the same time improving support for organizational compliance and reporting. Nathan covers:

- Group management
- Group approvals/workflows
- Dynamic/criteria groups
- Group entitlement management
- Attestation (including for AD groups on-premises) and access requests

Moving MIM Group Functionality to Azure AD for On-Premises Group Attestation

Strengthen security while streamlining IT operations and reducing costs.

Many organizations using Microsoft 365 (M365) productivity tools (formerly the Office 365 suite of products) are under-utilizing the full breadth of functionality provided by the Microsoft 365 E3/E5 licenses. That can lead to higher costs, and potentially leaves the door open for security breaches.

We see underutilized M365 licenses in almost all of our engagements, and we regularly see unnecessary money being spent on third party tools when M365 could be doing the job.

Ask yourself –

- Are you leveraging Azure AD as your centralized identity provider, providing single sign-on for SaaS (Software as a Service) applications, and taking advantage of the hybrid solutions for on-premises applications?
- Is your HR-driven identity lifecycle management using third-party solutions (potentially costing thousands of dollars in renewals) for identity provisioning/deprovisioning instead of leveraging the native capabilities available with Microsoft Entra Azure AD?
- Could your existing identity governance (IGA) use cases, such as attestation, be addressed by Microsoft Entra?

Any “yeses” to these questions? In this webinar recording Principal Architect Frank Urena shows how the Microsoft Entra suite of identity and security solutions can help you reduce your licensing costs, simplify IT operations, and strengthen your cloud security posture.

How to Get the Most Out of Your Microsoft 365 Investments

Upgrading from ADFS to Microsoft Entra ID (formally Azure AD) can improve your organization’s security, cut IT costs, improve productivity with a streamlined sign-on experience, and more. And, with recent ADFS updates from Microsoft, the migration process is easier than ever before. /

Why migrate from ADFS to Microsoft Entra ID?

- Easier single sign-on to thousands of apps, including legacy, SaaS, and third-party apps
- Improve your organization’s security posture
- Improve risk management, compliance, and governance capabilities by eliminating on-premises infrastructure
- Reduce infrastructure costs of maintaining an ADFS environment
- Implement a single control plane for identity and access management
- Streamline the user experience for accessing organization apps

Microsoft Entra ID provides a simple, cloud-based sign-in experience to all your resources and apps. It provides for strong authentication and real-time, risk-based adaptive access policies to grant access to resources. 

In this webinar recording, Principal Consultant Mike Liben discusses the benefits of leaving ADFS behind. Mike also describes the migration process, including best practices for minimizing impact on end users.

Migrating from ADFS to Azure Active Directory: Benefits and Best Practices

Microsoft Entra ID (formerly Azure AD) now makes it easier to configure custom claims for applications to trust it for authentication and authorization.

Custom claims, or optional claims, are typically needed to provide additional information in Access Tokens to assist the receiving API in authorizing access to resource data. Custom claims in ID Tokens can be used by an application to provide custom experiences based on these claims.

Role or Group claims are typically used to provide conditional access to resource data, but third-party applications may require additional data that is not included in these claims. For example, an application may require department or division information to assist in determining what data to expose. Using custom claims, this information can be readily obtained from existing directory information. 

In this technical webinar, Principal Consultant Randy Robb covers Microsoft Entra's new application configuration blade for utilizing custom attributes, and how this can be utilized to provide custom claims in SAML, ID, and access tokens. He also demos examples of custom claims in returned tokens and how to utilize them.

Configuring and Using Custom Claims in Microsoft Entra ID

Properly managing user identity lifecycles is an essential component of your organization’s security posture. Additionally, good identity lifecycle management improves productivity by ensuring timely and appropriate access to resources.

Now generally available, Microsoft Entra ID Governance’s Lifecycle Workflows can help you automate, streamline, and enhance various aspects of user lifecycle management. They can also reduce security risks and administrative burdens and errors while improving compliance processes. Efficient management of the user identity lifecycle allows new hires to hit the ground running.

In this webinar recording, Senior Architect Tim Watson explores the different options and settings that allow you to customize and monitor your Microsoft Entra ID Governance Lifecycle Workflows based on your organization's needs. Tim covers:

- Global settings and customization
- How custom extensions allow workflows to reach external systems
- How versioning and workflow history can help keep administrators informed

Automate the Identity Lifecycle with Microsoft Entra ID Governance

Provide secure access to all apps and resources from anywhere.

The adoption of cloud workloads combined with an increasingly mobile workforce has put a strain on traditional corporate networks and network security models. Threat actors continue to adapt to the new paradigm, finding the gaps between security solutions. Employees also must contend with delays due to a complicated array of endpoint security measures that make accessing resources a headache. This creates a poor user experience, leading to increased risk as users find ways to circumvent the traditional controls.

Microsoft’s networking model brings together two new products, Microsoft Entra Internet Access and Microsoft Entra Private Access, along with Microsoft Defender for Cloud Apps, in the Security Service Edge (SSE) solution. It enables unified Conditional Access policies by taking into account attributes from identities, devices, apps, and network conditions. Organizations can greatly streamline network access security without compromising the end-user experience.

In this webinar, Principal Architect Frank Urena provides an overview of how Microsoft's new identity-centric Security Service Edge (SSE) can address the threats and risks associated with cloud adoption and a mobile workforce while integrating seamlessly into your existing identity-driven security control plane. He discusses:

- Internet Access
- Private Access
- Unified Conditional Access

Introduction to Microsoft’s Security Service Edge for Identity-Centric Network Access

Managing user identities with modern authentication gives administrators numerous tools for securing resources and managing identities.

However, modern authentication solutions can be complicated, especially when you start to look under the hood and try to untangle the various components, platforms, and definitions involved.

In this webinar Architect Randy Robb will share his expertise and break down modern authentication and its components. Randy will cover:

- An overview of modern authentication and its benefits
- Definitions of relevant terms/capabilities involved in modern authentication
- The authorization process
- Security and modern authorization
- Microsoft's modern authentication solutions
- How to get started on your modern authentication journey

Demystifying Modern Authentication

n an age where digital security breaches are not just threats but everyday occurrences, it's essential to stay ahead of malicious actors.

Token theft, in the context of cybersecurity, is a significant threat that targets the digital tokens used for authentication and authorization in various systems and applications. It can take the form of phishing, malware, cross-site scripting, and adversary-in-the-middle attacks (AiTM). They allow attackers to bypass standard authentication measures and gain unauthorized access.

In this webinar, Principal Architect Frank Urena dives into the complex world of cybersecurity. He explores of the latest strategies and tools for protecting your digital assets, starting with a comprehensive overview of token theft and AiTM attacks. This includes how they work, their impact, and why they are a growing concern for organizations.

Frank also demos key features of Microsoft Sentinel and Microsoft Defender. Using real-life scenarios, he shows effective strategies to detect early signs of breaches and respond swiftly to mitigate risks.

This session is designed for IT professionals, security analysts, and anyone keen on enhancing their organization’s digital security posture.

Fortifying Your Cyber Defenses: Using Microsoft Defender to Prevent Token Theft and AiTM Attacks

As the threat landscape evolves, organizations need to protect their entire digital estate against sophisticated attacks. Using many siloed security tools results in a slower time to respond, less visibility into attacks, and more detailed engineering work to connect all the data.

Microsoft Sentinel provides a modern, cloud-native Security Information and Event Management (SIEM) powered by AI, automation, and Microsoft’s deep understanding of the threat landscape.

In this webinar, Microsoft Global Partner Technical Strategy Manager Samba Koita and Principal Architect Nathan Mertz team up to show how Microsoft Sentinel can transform your organization’s security posture. The presentation covers:

- How Sentinel collects signals from other Microsoft services like Defender, Microsoft 365 security alerts, and Microsoft Entra ID
- The role of data, devices, and identity in a modern Security Operations Center (SOC)
- A demo of Sentinel’s threat detection and mitigation capabilities
- An introduction to OCG’s 24x7 Security Operations Center leveraging Microsoft Sentinel

Transform Your Security Strategy with Microsoft Sentinel and a Modern Managed SOC

Privileged Access has become a primary attack vector, with the majority of data breaches involving privileged access misuse or compromise. That's why Privileged Access Management (PAM) is an integral component of an organization's cyber defenses.

A PAM solution supports compliance efforts by monitoring access to critical resources and providing visibility into who is using privileged accounts and what they are doing while they are logged in. And by ensuring just-in-time and just-enough access, PAM also helps prevent credential theft.

In a parallel vein, Privileged Identity Management (PIM) secures privileged accounts with time-bound access and policy enforcement to mitigate the risks of excessive or misused access to sensitive resources.

Selecting the right PAM solution depends on various factors specific to your organization's needs, infrastructure, and security requirements. In this webinar, Principal Architect Tim Watson will provide an overview of PAM, including:

- What is Privileged Access Management? What are the benefits?
- Common use cases for PIM and PAM
- Saviynt CPAM (Cloud Privileged Access Management) overview and its capabilities
- Microsoft PIM (Privileged Identity Management) overview
- The differences between PIM and CPAM, including how Saviynt can supplement PIM

This session is designed for IT professionals, security analysts, and anyone keen on enhancing their organization’s cybersecurity posture.

Understanding Privileged Access Management (PAM)

How does AI threaten identity security? What steps can organizations take to decrease risk to identity management systems?

Artificial Intelligence is promoted as a revolutionary technology that transforms business by equipping staff with tools to quickly deliver on tasks and projects. It is beginning to replace some roles in industry entirely, with relatively little notice by customers.

As with any technology, it has a potential dark side. For example, Artificial Intelligence was used to make robocalls in the recent primary election cycle. Cybercriminals are exploring ways to leverage the technology to circumvent corporate cyber defenses.

In this webinar, guest speaker John Howie, Head of Cyber Risk and M&A IT Security at Bayer, presents on the rising threat of AI to identity management systems. Some of the threats discussed include: 

- Using AI to change your likeness in photographs and video calls
- Creating rich social media footprints with AI to create fake backgrounds
- Leveraging AI to respond to questions to impersonate people

The Rise of AI Threats: Identity Management

Now in General Availability, Microsoft Entra Internet Access and Microsoft Entra Private Access comprise Microsoft's SSE solution and provide a cloud-based, identity-aware network perimeter for the modern workplace.

In a 2022 survey by Gartner, Secure Access Service Edge (SASE) emerged as the third most prioritized technology investment among CIOs and technology executives, following artificial intelligence/machine learning and distributed cloud. This trend underscores the growing importance of SASE in enterprise security strategies.

Key drivers for SASE adoption include the need for robust security measures in response to distributed workforces and rising cyber threats. Zero Trust Network Access (ZTNA), Secure Web Gateways (SWG), and Cloud Access Security Brokers (CASB) are critical components of this framework for both ingress and egress controls. 

In this webinar recording, Principal Architect Frank Urena and Microsoft Senior Product Manager Camila Martins present an in-depth look at Microsoft's newly launched Security Service Edge (SSE). SSE integrates identity and network access to bolster security across cloud and on-premises applications.

This session covers key components such as Microsoft Entra Private Access and Internet Access, demonstrating how they replace legacy VPNs with Zero Trust Network Access (ZTNA) and secure web gateways for seamless, secure access to resources. Learn how SSE eliminates security gaps, unifies access controls, and enhances user experience globally.

Exploring Microsoft's Security Service Edge (SSE) Solution

Collaboration is at the heart of every university.

Whether it’s connecting across campuses, working with other universities, or teaming up with research partners, making sure these connections are seamless is crucial for advancing learning and research. But keeping collaboration secure can be a real challenge for institutions of any size.

There are several reasons why this gets complicated, like:
- The risk of exposing sensitive data when working together
- Juggling access rights across different identity systems
- Struggling to integrate smoothly with partner systems
- Navigating tricky compliance and data sovereignty issues
- Maintaining secure collaboration, even as things scale

In this webinar recording, Brandon Nolan, Senior Director, and Corey Lee, Microsoft Security CTO for Education dive into the biggest collaboration challenges universities face. They look at how to improve your identity systems to better protect your users and data while making sure collaboration—whether internal or with external partners like research institutions or government bodies—remains secure and effortless.

Securing Academic Partnerships: Overcoming Identity Challenges in Collaborative Higher Education Environments

Explore the capabilities of the Microsoft Entra Suite, an advanced, streamlined solution for managing identity and access in your organization. Designed to meet the complex demands of today’s evolving workforce, Microsoft Entra Suite ensures the right people have secure access to critical systems while safeguarding sensitive information and staying compliant with industry regulations. 

In this webinar recording, Managing Director Brandon Nolan and Principal Architect Nathan Mertz discuss and demo: 

- How to tailor identity workflows for new hires, role transitions, and employee exits
- Preventing fraud at the helpdesk through robust identity proofing processes
- Keeping hybrid work scenarios secure and efficient
- Audit logs and transparency features for approvals

Brandon and Nathan also leverage their industry-specific insights to demonstrate how Microsoft Entra Suite integrates with systems like Epic and Workday.

Discover the Microsoft Entra Suite: Unlocking Unified Identity and Access Management

Misconfigured identity systems, including Microsoft Entra ID and on-premises Active Directory, can provide cyber criminals with the opening they need to successfully breach an organization.

A compromised identity can enable threat actors to breach the identity platform. This can lead to additional damage, tenant destruction, and even loss of control over the Microsoft Entra ID instance.

To secure your hybrid identity system, careful attention must be paid to simplifying authentication and authorization, ensuring administrative least privilege, access reviews, and regularly reviewing activity.

In this webinar, presented by Architect Tim Watson, we examine how misconfigured hybrid identity setups can increase your vulnerable attack surface and lead to compromise of Microsoft Entra ID. Tim examines common blind spots, including:

- Complex identity systems
- Legacy systems
- Synced service accounts
- Federated identity services

Tim also discusses best practices for implementing security measures that can help remediate these scenarios.

This session is designed for IT professionals, security analysts, and anyone keen on enhancing their organization’s digital security posture.

How Misconfigured Hybrid Identity Setups Can Compromise Cybersecurity

Misconfigured identity systems

Hybrid identity platform security issues

adfs security

Microsift entra id security

synced service accounts

complex identity systems

compromised microsoft entra id

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

How Misconfigured Hybrid Identity Setups Can Compromise Cybersecurity

Presented by

About this talk

More from this channel