A new threat: Phishing Attack using Microsoft Teams

Cyber threats are always evolving. In the past couple of months, there has been a large increase in phishing messages sent using Microsoft Teams.

Louis and Thijs work in a Security Operations Center and handle these types of attacks daily. During this session we will cover the following:

* Some real-world example of an attack
* How to investigate them using built-in features in Microsoft Defender
* Setting up protective measures to stop the attack dead in it's tracks.

Join here: https://teamsbuzz.com/room2

Mastering Privileged Identity Management (PIM): From Basics to Advanced Strategies

PIM at Its Core:
Privileged Identity Management (PIM) is Microsoft's solution for permissions and access. Managing who has access to which administrative role, when, and where is foundational to a secure environment. Join us to delve deeper into the power of PIM, where security and control converge to create a robust framework.

From Simple to Complex: Navigating the PIM Landscape:
While setting up PIM for a handful of individuals might seem straightforward, the complexity surges exponentially when entire IT teams with varying tiers come into play. Discover the challenges and intricacies of scaling up your PIM strategy and gain insights into creating an efficient architecture that adapts to your organization's unique structure.

Live Demos:
No theory without practice. Join us for live demos where you'll witness the implementation of essential PIM strategies. Louis will showcase the enforcement of FIDO2 authentication, ensuring robust multi-factor authentication. Moreover, explore a zero-risk tolerance approach for activating highly privileged roles like Global Admin, ensuring the utmost security.

Key Takeaways:

Scalable PIM Architecture:
Grasp the foundational principles for constructing a Privileged Identity Management (PIM) architecture that seamlessly accommodates the growth of your IT teams.
Learn how to design a flexible and adaptive PIM setup to meet the evolving needs of your organization's expanding infrastructure.

Custom RBAC Roles:
Tailor your PIM framework with precision by integrating Custom Role-Based Access Control (RBAC) roles.
Understand the importance of aligning these roles with the unique structure and specific requirements of your organization.

Activation Requirements for Elevated Permissions:
Explore the crucial aspect of implementing activation requirements before users can elevate their permissions.
Gain insights into creating a secure and controlled environment, ensuring that elevated privileges are granted only under specified conditions.

Who Should Attend?
Whether you're new to PIM or seeking advanced strategies for your organization, this session is designed for IT professionals, security enthusiasts, and decision-makers. Equip yourself with the knowledge to create a PIM framework that not only protects but evolves with your organization's security needs.

Join Louis on this enlightening journey through Privileged Identity Management, where security meets scalability, and complexity transforms into control.

Demos: yes
level: beginner-intermediate

The quick wins in the Microsoft secure score

Microsoft's secure score helps you identify weaknesses and improvements within your tenant. At first glance, this list of recommendations might seem intimidating and never-ending. Well… so is the security landscape. Buckle up, we are going on an adventure!

In this session, we will be discussing:

What is the secure score and how does it work?
- How to use it as a working tool
- How to prioritize configurations
- The quick wins in the security score
- Why the secure score isn’t always right.
- What if you completed the secure score?

This will session will be practical, in the portals, handy tools and methods to solve challenges identified by the secure score.

Sh!t we got compromised. A session on monitoring and remediation using Microsoft 365 Defender.

Its 3 am in the night, and your phone is going crazy. Incidents are coming and in you see that a Command and Control beacon is active.
No time to get coffee, start your incident response adventure using the Microsoft security stack.

In this session, we will share how a series of events led to a full compromise of a domain.
- What were the security misconfigurations which led to the compromise?
- How the attack was discovered and investigated using Microsoft Security tools
- How the incident was contained and fully shut down.

This is a practical session sharing a real-world scenario of an attack. Focusing on both the misconfigurations and must-do's, and how Microsoft Defender helped us during the investigation.