Speaker

Christopher Brumm

Christopher Brumm

ITSec Pro focussed on MS Cloud Stuff

Hamburg, Germany

Actions

I am a big fan of Microsoft Cloud Security products because there my two favorite topics Identity and Security work together in a unique way. I've been working in IT for quite a while and have almost 15 years of experience in IT security in various roles. At the moment I am a Cybersecurity Architect at glueckkanja AG and help our customers with my favorite topics. I am 43 years old and live with my family in Hamburg.

Area of Expertise

  • Information & Communications Technology

Topics

  • cyber security
  • Cloud Security
  • Microsoft Entra
  • Azure AD
  • Microsoft Defender

Sessions

Conditional Access in Zeiten von Global Secure Access de

Conditional Access hat im Laufe der Zeit eine immer größer werdende Rolle im Access Management von Unternehmen eingenommen und ist heute die(!) Policy Enforcement Engine einer modernen Zero Trust Architektur. Nicht verwunderlich also, dass Microsoft auch bei Global Secure Access auf Conditional Access setzt und es zum primären Punkt der Richtliniendurchsetzung für Secure Web Gateway und Zero Trust Network Access macht!

In dieser Session möchte ich besprechen

* mit welchen Elementen sich GSA in CA integriert und welche Funktionen hinzukommen
* wie man CA Policies nutzt um Entra Internet Access zu konfigurieren
* wie man CA Policies für Entra Private Access Apps clever strukturiert
* warum die Nutzung von GSA euch auch beim Zugriff auf Microsoft 365 Services Security Vorteile bringt.
* warum es gleich mehrere Zusammenhänge zwischen GSA und Continuous Access Evaluation gibt.

Neben den Einschränkungen und Inkompatibilitäten die ihr kennen solltet um einen sinnvollen Regelsatz zu entwerfen, möchte ich auch einen Ausblick auf die Auswirkungen geben, die Global Secure Access auf euren bestehenden Conditional Access Regelsatz haben kann.

Durch meine bisherigen Projekterfahrung in diesem Feld kann ich

* euch einen Ausblick auf die Auswirkungen einer Global Secure Access Einführung auf den bestehenden Conditional Access Regelsatz geben.
* über Erfahrungen bei der Arbeitsteilung und Zusammenarbeit zwischen Global Secure Access Admin und Conditional Access Admin berichten
* Vorschläge für sinnvolle Policies vorstellen

Level 300 - 40 Minuten

Zero Trust - Zero Gap? Spotlight on (new) uncovered aspects of your CA design en

Conditional Access is the heart of Microsoft's Zero Trust implementation as its policy enforcement engine and Microsoft introduces constantly new features to cover more and more use cases and integrations. This includes granular conditions and controls for specific authentication methods, restricted sessions and authentication flows but also new capabilities to re-trigger a policy evaluation.

In this session, we will discuss the latest features and their use cases and also challenges that you may not address in your current ruleset. Starting from automation for deployment, exclusion handling and gap monitoring, up to missing strong policy design to prevent rogue devices or protect privileged users.

The End of Passwords: An Introduction to Passkeys in Entra ID en

In cyber security we had and still have a lot of trouble with passwords. They are, as a single factor, insecure or difficult to remember and overall inconvenient. While password managers solve some part of this problem, widespread adoption in the enterprise is not available. In the end nobody loves passwords, except hackers 😜

But 2024 is the year the password dies! At least we hope so.

In this talk we want to show you how passkeys can replace not only the password but phishable MFA factors as well.

We will delve in the basic´s behind passkeys, explain the technology that makes them so secure but also what different kind of passkeys there are.

In this session we will focus on how passkeys fit into Microsoft Entra IDs ecosystem, our favorite identity provider, but many aspects are applicable to other IdPs as well.

But where there is light, there is also shadows. We will discuss the risk some of the passkey implementations might hold for you as an enterprise and will show counter measures to mitigate or minimize this risk.

Let us all make 2024 the end of the password!

Level 200-300 ~45 minutes

Walk the walk - explore ways to ensure strong authentication in real life scenarios en

Everyone will agree that a solid set of rules for authentication and authorization is one (if not the) cornerstone of a Zero Trust implementation. Furthermore, everyone actually agrees that device compliance and phishing resistant MFA are the best basic measures to implement with Azure Active Directory Conditional Access.

However, when we look at the status quo of many environments we see a different picture and anyone who has tried to roll out these basic measures to all users in a larger environment knows that this is not an easy task.

This session is based on a lot of project experience and shows a collection of strategies, tactics and tools to make a roll-out efficient and as painless as possible.

Topics: Conditional Access, Authentication methods, Logs, Reports & Workbooks, MFA registration methods / policies, Strong Authentication, Passwordless, Zero Trust

Level 200-300, minimum 45 minutes (better more)

1st AID for EID - how to prevent lateral movement to Entra ID when your Active Directory has fallen en

Currently, the biggest threat to an Entra ID tenant in the vast majority of environments comes from the connected Active Directory. Attackers are (currently) focusing heavily on on-prem environments, as these are generally much more difficult to protect and are also in a much worse state. And it's often not far from there to the cloud...

Containment is one of the most important measures in an emergency and usually Entra ID, M365 and Azure are at the top of the list as M365 is very important for crisis communication and Azure can be a good platform for the recovery phase.

In this session, we will discuss the steps necessary to block lateral movement for a full compromise of Entra ID from Active Directory in a reasonable order.

We will then look at your users' accounts, the impact of your actions on their ability to work and how you can make decisions in this situation.

We will also discuss what you can do today to be best prepared for this scenario.

Level 200-300, minimum 45 minutes

Let’s replace your VPN with a real Zero Trust Network Access ! en

We've spent the last few years modernizing clients, kicking them out of Active Directory and optimizing them to run outside the corporate network. The use of modern protocols, conditional access and the integration of MDE and Intune now enables us to access cloud services with access management that largely complies with the principles of zero trust.

However, when it comes to accessing legacy apps in the old data center world, we unfortunately all too often fall back on the old solutions - perhaps enhanced with some SAML and certificates - and features such as microsegmentation and session revocation are sought in vain.

In this session I would like to discuss and show why Microsoft's SSE solution is so much closer to my understanding of Zero Trust Network Access by explicitly checking every session in the network during its establishment, limiting access to the least necessary and disconnecting in case of a breach.

As a security architect who used to deal intensively with networks and in recent years with identity, I am very much looking forward to a deep dive on the topic of Single SignOn when accessing the OnPrem environment with Private Access.

In addition to the way the technology works, you will learn what needs to be considered during POC and rollout and what differences there are to a classic VPN project.

Level 200-300, minimum 45 minutes

Workplace Ninja Summit 2024 Sessionize Event

September 2024 Luzern, Switzerland

Cloud Identity Summit '24 Sessionize Event

September 2024 Köln, Germany

Cloud Technology Townhall Tallinn 2024 Sessionize Event

February 2024 Tallinn, Estonia

Azure Saturday Hamburg 2024 Sessionize Event

January 2024 Hamburg, Germany

Cloud Identity Summit '23 Sessionize Event

September 2023 Koblenz, Germany

Purple Elbe Security User Group User group Sessionize Event

May 2023 Hamburg, Germany

Cloud Identity Summit '22 Sessionize Event

September 2022 Bonn, Germany

Cloud Identity Summit '21 Sessionize Event

September 2021

Christopher Brumm

ITSec Pro focussed on MS Cloud Stuff

Hamburg, Germany

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top