Jump to navigation Jump to content

Speaker

Fabian Bader

Fabian Bader

Cyber Security Architect and Microsoft MVP

Cyber Security Architect and Microsoft MVP

Hamburg, Germany

Actions

Fabian Bader is a Cyber Security Architect and Microsoft MVP from Germany. He focuses on security and cloud solutions and works mainly with Microsoft technologies.
From Azure cloud to on-premises Active Directory, he likes to automate stuff with PowerShell.

Besides being a speaker at community events, he blogs at "cloudbrothers.info" and hosts the "Hamburg PowerShell User Group" and is part of the organizing team of "PowerShell Saturday Hamburg".

❤️ PowerShell and Security 🛡️

Fabian Bader is a Cyber Security Architect and Microsoft MVP from Germany. He focuses on security and cloud solutions and works mainly with Microsoft technologies.
From Azure cloud to on-premises Active Directory, he likes to automate stuff with PowerShell.

Besides being a speaker at community events, he blogs at "cloudbrothers.info" and hosts the "Hamburg PowerShell User Group" and is part of the organizing team of "PowerShell Saturday Hamburg".

❤️ PowerShell and Security 🛡️

Links

Awards

Area of Expertise

  • Information & Communications Technology

Topics

  • Azure AD
  • PowerShell
  • Microsoft Azure
  • Azure Active Directory
  • Automation with PowerShell
  • Azure PaaS
  • Active Directory
  • Azure Hybrid Identity
  • Microsoft Defender
  • Infrastructure as Code
  • Cloud & Infrastructure
  • Cloud Native Infrastructure
  • Secure Infrastructure
  • Defender for Cloud
  • Security
  • Identity
  • Microsoft Identity
  • Microsoft Defender for Identity
  • Microsoft 365 Defender
  • Microsoft Defender for Cloud
  • Microsoft Defender for Cloud Apps
  • Microsoft Defender for Office
  • Microsoft Defender for Endpoint
  • Microsoft Defender for Office 365
  • Cloud Security
  • Azure Security
  • IT Security
  • Microsoft Sentinel
  • Azure Sentinel
  • Microsoft XDR

Sessions

Introducing Maester your Microsoft 365 test automation framework en

How do you ensure that changes you make to your cloud configuration don't break your existing security posture?

Wouldn't it be nice if you could run a suite of regressions tests when introducing a new change to your Microsoft 365 configuration?

How can you create a customized version of the Microsoft Secure Score checks that are tuned to your organization's specific needs?

Maester is a test automation framework built on Pester to help Microsoft 365 admins write tests to continuously validate your key Microsoft cloud configuration settings in Microsoft 365, Entra ID and Intune.

In this session you will learn how you can kick things off with the starter set of tests that come with Maester and then customize them to your organizational needs. Next, we'll deep dive into how you can author your own tests and contribute them back to the community.

Finally, we'll show how you can integrate the tests with automation frameworks like Azure DevOps and GitHub Actions using secure practices like workload identity federation to continuously monitor your environment.

Microsoft Defender for Identity ♥️ PowerShell en de

Microsoft Defender for Identity has had an official PowerShell module for a few weeks now. What is possible with it and why do you need it at all? We will answer all these questions in this session.

Microsoft Defender for Identity ♥️ PowerShell en de

Microsoft Defender for Identity hat seit wenigen Wochen ein offizielles PowerShell Module. Was ist damit möglich und wozu braucht man des überhaupt? All diese Fragen klären wir in dieser Session.

Entra ID Automation using Graph X-Ray en

With the deprecation of the Microsoft Azure Active Directory Graph API in sight (30.03.2024) only a few weeks away, for many there is still the question - How do I use the new Microsoft Graph SDK module, and how do I navigate all those Graph endpoints. In this session we will explore this in more depth ,and I will show different ways how to figure out which cmdlet or Graph endpoint is the correct one to use.

From (tier) zero to cloud hero: How to pwn Azure AD from on-prem en

Most organizations today leverage the cloud and Azure AD is a crucial service for many of them. This makes it a valuable target for threat actors as well.
The crown jewel to this environments is a global admin account, the cloud equivalent of domain admin.

In this talk I will demonstrate an attack path from on-premises to Global Admin that does not rely on password resets of existing users.

You will learn how to detect the different methods used and counter it at different stages and a simple way to see if your environment is vulnerable.

Sentinel Pester Framework en

Regardless if you manage one or multiple Sentinel workspaces, if you use CI/CD or a manual approach, configuration drift is something to watch out for.

Monitoring changes to core settings, data connectors, analytics rules and other artifacts should be great and easy.

And with the Sentinel Pester Framework you get the tooling that allows you to do so.

In this talk we discuss the basic configuration as well as the option to implement the solution in a CI/CD pipeline like GitHub actions.

Use external threat intelligence in Microsoft Defender for Endpoint en

Extend alarming and protection capabilities of Microsoft Defender for Endpoint using external data sources.
In this showcase Fabian Bader will demonstrate how easy you can tap into open source threat intelligence using the Feodo Tracker project and use it to protect your endpoints.

The Feodo Tracker project (https://feodotracker.abuse.ch/), which tracks active Emotet C2 servers around the globe, is used as an example.

Azure Attack Paths en

Azure offers a wide offering of services and all those services are interconnected. That makes it easy to loose sight of who can manage what. Different Identity types and permissions are the backbone for a secure cloud environment. Therefore it's important to understand how each service might be used to laterally move in your environment and how bad choices could affect your security posture.

Why using a FIDO2 security key is important? en

In this session you will learn why classic MFA based authentication is still at risk of being phished and how FIDO2 security keys can mitigate such attacks. We also look in how Azure AD conditional access provides additional layer of security you can implement.

Alert {{customization}} in Sentinel en

Custom alert details in Microsoft Sentinel can be a game changer. In this session I will demonstrate how to use this feature in your own Analytics Rules and how it can help your analysts by surfacing important information. This session is very demo heavy.

Events

Workplace Ninja Summit 2024 Sessionize Event

September 2024 Luzern, Switzerland

Cloud Identity Summit '24 Sessionize Event

September 2024 Köln, Germany

SysAdminDay 2024 in Leipzig Sessionize Event

July 2024 Leipzig, Germany

PowerShell UserGroup InnSalzach User group Sessionize Event

February 2024, July 2024

psconf.eu 2024 Sessionize Event

June 2024 Antwerpen, Belgium

Experts Live Netherlands 2024 Sessionize Event

June 2024 Nieuwegein, The Netherlands

Azure Saturday Hamburg 2024 Sessionize Event

January 2024 Hamburg, Germany

Workplace Ninja Summit 2023 Sessionize Event

September 2023 Baden, Switzerland

Cloud Identity Summit '23 Sessionize Event

September 2023 Koblenz, Germany

Purple Elbe Security User Group User group Sessionize Event

May 2023 Hamburg, Germany

Hamburg PowerShell User Group User group Sessionize Event

July 2022

Microsoft Cloud Security User Group User group Sessionize Event

April 2022

Fabian Bader

Cyber Security Architect and Microsoft MVP

Hamburg, Germany

Links

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top