Tom Janetscheck

Information & Communications Technology

Azure Security Cloud Security Enterprise Security Governance

Saarbrücken, Saarland, Germany

Tom Janetscheck

Senior Program Manager, Microsoft Defender for Cloud

Tom Janetscheck is a Senior Program Manager at Microsoft Cybersecurity Engineering, focused on Microsoft Defender for Cloud. Prior to that, he has been working in different internal IT and consulting roles for almost two decades, with a strong focus on cloud infrastructure, architecture, and security.

As a well-known international conference speaker, tech blogger, and book author, and as one of the founders and organizers of the Azure Saturday community conferences, the former Microsoft MVP is actively taking his experience into international tech communities.

In his spare time, Tom is an enthusiastic motorcyclist, scuba diver, guitarist, bassist, rookie drummer, and station officer at a local fire department.

Current sessions

Azure Security Best Practices DE EN

Sicherheitsbedenken waren seit jeher die größten Stolpersteine für Kunden auf ihrem Weg zur Digitalisierung. Begleitet Azure MVP Thomas Janetscheck zu dieser Breakout Session und lernt, wie Ihr Eure Azure Ressourcen vor versehentlichem Löschen schützt, wie Ihr Eure Azure Infrastruktur härtet und wie Ihr Einblicke darin bekommt, was im Zusammenhang mit Security in Eurer Cloud-Umgebung vor sich geht.

Der Fokus dieser Session liegt auf Azure Security Center, aber Tom wird auch Konzepte wie RBAC und BYOK ansprechen und die Session mit jeder Menge Demos auflockern.

Azure Security Best Practices DE EN

Security concerns have always been one of the main show stoppers so far for customers on their way to digitalization. Join Azure MVP Thomas Janetscheck for his breakout session and learn how to protect Azure resources from accidental deletion, how to harden your Azure infrastructure, and how to gain insights into what's going on in terms of security.

Azure Security Center will be the focus of this session but Tom is going to cover concepts such as RBAC and BYOK as well and spice it up with lots of demos.

What's new in Azure Security Center EN

At Microsoft Ignite 2020, we announced quite a bunch of exciting news regarding Azure Security Center's cloud security posture management (CSPM) and cloud workload protection platform (CWPP) capabilities. In this session, you will learn what's new, and how Azure Security Center helps to manage and maintain security in your hybrid and multi-cloud environments.

Enterprise Security - how to protect identities, platform, and infrastructure with Microsoft tools EN

Join Principal Cloud Security Architect, Microsoft MVP and NinjaCat Tom Janetscheck for this demo-only session about identity, infrastructure and platform security, monitoring, and cyber threat hunting with the Microsoft cloud.

You will witness live attacks and remediations, learn how to easily implement the most important security principles (and how to avoid pitfalls) and how Microsoft security tools such as Azure AD, Azure Security Center, and Azure Sentinel complement each other so you get the most out of your environments - be it in the cloud or on premises.

Cloud Security Posture Management (CSPM) with Azure Security Center EN

Even with big investments in threat detection across the security industry, studies show that bad security hygiene is still the number one reason organizations get compromised. Meaning, visibility and control over your cloud workloads’ security posture is an imperative measure to reduce the likelihood of attackers exploiting misconfigurations and known vulnerabilities in your environment.
In this session, we’ll demonstrate how to utilize Azure Security Center (ASC) to provide visibility and control over different workloads in Azure and beyond. From preventative remediation of security recommendations to the utilization of secure score as your main KPI to drive security posture management. Learn about ASCs threat detection options as well as its capabilities to address the Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP) scenarios.

Azure Security Center 101 EN DE

Security is one of the main objectives when thinking about moving resources to the cloud. In this theater session you will get a high-level overview on Azure Security Center, a unified security management solution that helps you to find, fix and prevent security issues in your Azure environment.

Beyond that, Tom will show in a live demo how easy it is to attack a server and what Azure Security Center offers to prevent such an attack.

Azure Security Center EN DE

Sicherheit ist eines der Kernthemen, um die es geht, wenn man darüber nachdenkt, in die Cloud zu wandern. In dieser Theater-Session bekommt Ihr einen Überblick über Azure Security Center, eine einheitliche Lösung zur Sicherheitsverwaltung die Euch dabei unterstützt, Sicherheitsproblemen in Eurer Cloudumgebung vorzubeugen, sie zu finden und zu beheben. Darüber hinaus zeigt Tom in seiner Livedemo, wie einfach es ist, einen Server anzugreifen und welche Technologien Azure Security Center bietet, um das zu verhindern.

How to deploy Defender for Cloud at scale? EN DE

While Microsoft Defender for Cloud should be used in every hybrid cloud environment, there is a common misconception that it is enabled on Azure by default. Also, there are some wrong assumptions when it comes to Log Analytics workspace and agent designs. In this technical deep dive, we will demystify Microsoft Defender for Cloud’s onboarding process, talk about auto-provisioning of agents and extensions, and unleash the gotchas in deploying Defender for Cloud on Azure, in hybrid, or in multi-cloud environments.

How to deploy Defender for Cloud at scale? EN DE

Während Microsoft Defender for Cloud als Sicherheitslösung in allen hybriden und multi-cloud Umgebungen eingesetzt werden sollte, gibt es die falsche Annahme, dass der Service auf allen Azure Subscriptions automatisch aktiviert wird. Daneben sehen wir ständig wiederkehrende falsche Vermutungen bezüglich Log Analytics Workspace und Agenten Design.
In diesem technischen Deep Dive werden wir das Onboarding von Defender for Cloud entmystifizieren, über Auto-Provisioning von Agent und Extensions sprechen, und die Fallstricke im Zusammenhang mit der Bereitstellung von Defender for Cloud auf Azure, in hybriden, oder multi-cloud Umgebungen offen legen.

Sit back and relax while I secure your Azure environment EN

Cloud computing and security always go hand in hand with each other. Join Azure MVP Tom Janetscheck for this live demo session to learn how (un)secure Azure ressources can be out of the box right after the deployment and what we need to do to secure and harden our environments. You will find out how to protect Azure resources from accidental deletion, how to improve your security posture in the cloud, and how to gain insights into what's going on in terms of security. But, most notably, you will learn how to make Microsoft Azure the most secure cloud platform of all!

In this demo-rich session Tom is going to cover security in Azure storage, networking, and compute as well as topics such as Azure Security Center and Sentinel, governance, and encryption.

Common sense in the world of Azure Governance EN

Have you ever accidentaly deleted Azure resources or realized the different resource pricings in different Azure regions? Agile deployments and the "Let's get started" mindset are great but there are rules you need to comply with to get the best out of your Azure environments.
Join Azure MVP Tom Janetscheck to learn about Azure Governance, about what tools you have and how to use them, and what decisions you should make in advance to circle around pitfals.

Azure security - ultimate security in the cloud era EN

In today's cloud era, admins struggle to keep their IT infrastructures secure. Cloud security is a shared responsibility and what we need is a new approach!

In this session, you will learn how to securely deploy and maintain Azure solutions, why automation is essential, what network security and encryption options you have, and how access control can prevent you from having sleepless nights.

We will successfully attack an Azure environment live on stage, dive deep into Azure Security Center, and see how we can use it to ultimately secure IT infrastructures on premises, hybrid, and on Azure.

Azure Security Center unleashed EN

In cloud environments, management is increasingly distributed, attackers continue to innovate, and thus, cloud security management looks like mission impossible.

Join Azure MVP Tom Janetscheck for a deep-dive into Azure Security Center, witness on-stage live attacks against an Azure environment and learn what you need to know in order to secure an Azure environment.

Secure Azure resource deployments with Terraform EN DE

DevOps, infrastructure-as-code, and automated resource deployments are essential for obeying to governance and security concepts. Besides Azure CLI, ARM templates and PowerShell, Terraform is another tool to deploy infrastructure as code. In this session you will learn how Terraform works, what advantages it has compared to other infrastructure-as-code tools and how you can leverage it to securely deploy Azure resources.

Sichere Azure-Deployments mit Terraform EN DE

DevOps, infrastructure-as-code und automatisierte Bereitstellungen sind wichtig, um Governance- und Sicherheitskonzepte einzuhalten. Neben Azure CLI, ARM templates und PowerShell ist Terraform eine weitere Lösung, um Infrastructure-as-Code-Bereitstellungen anschieben zu können. In dieser Session werden Sie lernen, wie Terraform funktioniert, welche Vorteile es im Vergleich zu anderen Lösungen bietet und was es zu beachten gilt, damit Sie Ihre Infrastructure-as-Code-Bereitstellungen sicher durchführen können.

Secure DevOps: How to enable a culture of security in your DevOps team? EN

“Assume breach - The question is not if there will be an attack but how to discover it as soon as it takes place!”

DevSecOps, SecDevOps, SecDevSecOpsSec - there are several terms that are excessively and permutably used to describe security in DevOps. Security has historically been important for operations and therefore still has high impact into how to run modern applications. But in a modern DevOps organization, you don’t have a separated operations team any more. This is why security nowadays needs to be established through the whole application lifecycle: starting with secure environments, secure code, testing, monitoring and application operation.
In this session, Microsoft MVPs Mike Kaufmann (Dev) and Tom Janetscheck (Ops) will give you insights into how to bring security to DevOps by means of real-life demos and notes from the field. You'll learn why governance, infrastructure-as-code and security belong together, what Microsoft Azure can offer to enhance your security posture in the cloud, and how to enable a culture of security by red team/blue team exercises and chaos engineering practices in your DevOps team.
Only with culture of security and the awareness of all participants in your entire application lifecycle you can secure your resources, your data and with it your business.

Threat hunting with the Microsoft cloud EN

With the release of Azure Sentinel, Microsoft has shifted some features from Azure Security Center to their new threat hunting and SIEM/SOAR solution. But how do all the security tools Microsoft offers nowadays integrate with each other? How can you find a way through this security jungle? And how do you make sure to have the right tools in place when it comes to protecting your IT environments and hunting threats?
Join cloud security expert and Microsoft MVP Tom Janetscheck for this demo-rich session to get all these questions answered and to learn how to protect your cloud resources easily and efficiently.

Identity is the new perimeter EN DE

Today's IT landscape is characterised by SaaS applications, public cloud environments, and IoT. What they all have in common is identity as their central management interface. In terms of security, this means that today, it's more important than ever to securely manage identities in the cloud and on-premises and to make sure to be informed as soon as someone tries to get hold of them.

Join cloud security expert and Microsoft MVP Tom Janetscheck for this session and learn how to leverage Microsoft tools in Azure and on-premises to protect your identities, to see what happens when it happens, and how important it is to adhere to some easy principles when it comes to protecting your environments.

Hybride Identitäten - und jetzt? EN DE

Heutige IT-Landschaften sind geprägt von SaaS-Applikationen, hybriden Cloud-Umgebungen, und auch IoT ist eines der Schlagworte von Industrie 4.0. Was sie alle gemein haben, ist die Tatsache, dass der Schutz des Netzwerkes heute nicht mehr ausreicht, um moderne Umgebungen abzusichern. Es ist wichtiger, denn je, Identitäten in der Cloud, aber auch in der eigenen Umgebung sicher zu verwalten, damit Angriffsversuche jederzeit erkannt und abgewehrt werden, sie aber gleichzeitig auch die Angriffsfläche verringern können.

Erfahren Sie in diesem Vortrag von dem Cloud Security-Experten und Microsoft MVP Tom Janetscheck, wie Sie Microsoft-Tools sinnvoll einsetzen können, um sowohl Ihre Cloud-Identitäten, als auch Ihre lokalen Konten abzusichern. Mithilfe einer Vielzahl von Live-Demos werden Sie erkennen, welche einfachen Prinzipien notwendig sind, und wie Sie diese technisch umsetzen können, um Ihre hybriden Umgebungen vor Angriffen zu schützen, ohne Ihre Benutzer unnötig einzuschränken.

Past and future events

Techorama 2022 BE

23 May 2022 - 25 May 2022
Antwerpen, Flanders, Belgium

Azure Saturday - Belgrade 2020

28 Feb 2020 - 29 Feb 2020
Belgrade, Central Serbia, Serbia

Azure Lowlands

24 Jan 2020
Rotterdam, South Holland, Netherlands

CloudBrew 2019 - A two-day Microsoft Azure event

13 Dec 2019 - 14 Dec 2019
Mechelen, Flanders, Belgium

Experts Live Europe 2019

20 Nov 2019 - 22 Nov 2019
Prague, Hlavní město Praha, Czechia

Experts Live Norway 2019

29 May 2019
Oslo, Norway

Techorama Belgium 2019

20 May 2019 - 22 May 2019
Antwerpen, Flanders, Belgium

Intelligent Cloud Conference 2019

8 Apr 2019 - 10 Apr 2019
Copenhagen, Capital Region, Denmark

AzureDay Poland

Azure infrastructure security - ultimate security in the cloud era
29 Mar 2019
Warsaw, Mazovia, Poland

Azure Saturday Berlin

9 Feb 2019
Berlin, Germany

Microsoft Ignite | The Tour Berlin

Sit back and relax while I secure your Azure environment
6 Dec 2018 - 7 Dec 2018
Berlin, Germany

Experts Live Europe 2018

24 Oct 2018 - 26 Oct 2018
Prague, Hlavní město Praha, Czechia

CloudBrew 2018 - A two-day Microsoft Azure event

12 Oct 2018 - 13 Oct 2018
Mechelen, Flanders, Belgium

Microsoft Ignite 2018

Two sessions about Azure Governance and Azure Security Center
24 Sep 2018 - 28 Sep 2018
Orlando, Florida, United States

cim Lingen 2018

1 Sep 2018
Lingen, Lower Saxony, Germany

Insider Dev Tour 2018

Azure Backend Security für Entwickler
14 Jun 2018
Köln, North Rhine-Westphalia, Germany

Azure Saturday 2018

26 May 2018
Munich, Bavaria, Germany

Azure Saturday 2018 - Pre-Conference Workshop Day

Azure Governance & Security Deep Dive Workshop
25 May 2018
Munich, Bavaria, Germany

Azure Black Magic Training

Deep dive insights and hands-on training on Azure Infrastructure (storage, networking, compute)
15 May 2018 - 16 May 2018
Munich, Bavaria, Germany

Global Azure Bootcamp 2018

Azure Security Best Practices
21 Apr 2018
Saarbrücken, Saarland, Germany

Microsoft Tech Summit 2018

Azure Security Center,
Workshop: Build and manage your applications on Azure
20 Feb 2018 - 21 Feb 2018
Frankfurt am Main, Hesse, Germany

Azure Munich Meetup

Azure Security Center
7 Feb 2018
Munich, Bavaria, Germany

Azure Meetup Hamburg

Security in Azure
11 Jul 2017
Hamburg, Germany

Azure Saturday 2017

Business Continuity and Disaster Recovery in Azure
24 Jun 2017
Munich, Bavaria, Germany

Global Azure Bootcamp 2017

22 Apr 2017
Saarbrücken, Saarland, Germany