Tom Janetscheck

Tom Janetscheck

Senior Program Manager, Microsoft Defender for Cloud

Saarbrücken, Germany

Tom Janetscheck is a Senior Program Manager at Microsoft Cybersecurity Engineering, focused on Microsoft Defender for Cloud. Prior to that, he has been working in different internal IT and consulting roles for almost two decades, with a strong focus on cloud infrastructure, architecture, and security.

As a well-known international conference speaker, tech blogger, and book author, and as one of the founders and organizers of the Azure Saturday community conferences, the former Microsoft MVP is actively taking his experience into international tech communities.

In his spare time, Tom is an enthusiastic motorcyclist, scuba diver, guitarist, bassist, rookie drummer, and station officer at a local fire department.


Area of Expertise

  • Information & Communications Technology


  • Azure Security
  • Cloud Security
  • Enterprise Security
  • Governance


Azure Security Best Practices de en

Sicherheitsbedenken waren seit jeher die größten Stolpersteine für Kunden auf ihrem Weg zur Digitalisierung. Begleitet Azure MVP Thomas Janetscheck zu dieser Breakout Session und lernt, wie Ihr Eure Azure Ressourcen vor versehentlichem Löschen schützt, wie Ihr Eure Azure Infrastruktur härtet und wie Ihr Einblicke darin bekommt, was im Zusammenhang mit Security in Eurer Cloud-Umgebung vor sich geht.

Der Fokus dieser Session liegt auf Azure Security Center, aber Tom wird auch Konzepte wie RBAC und BYOK ansprechen und die Session mit jeder Menge Demos auflockern.

Azure Security Best Practices de en

Security concerns have always been one of the main show stoppers so far for customers on their way to digitalization. Join Azure MVP Thomas Janetscheck for his breakout session and learn how to protect Azure resources from accidental deletion, how to harden your Azure infrastructure, and how to gain insights into what's going on in terms of security.

Azure Security Center will be the focus of this session but Tom is going to cover concepts such as RBAC and BYOK as well and spice it up with lots of demos.

What's new in Azure Security Center en

At Microsoft Ignite 2020, we announced quite a bunch of exciting news regarding Azure Security Center's cloud security posture management (CSPM) and cloud workload protection platform (CWPP) capabilities. In this session, you will learn what's new, and how Azure Security Center helps to manage and maintain security in your hybrid and multi-cloud environments.

Enterprise Security - how to protect identities, platform, and infrastructure with Microsoft tools en

Join Principal Cloud Security Architect, Microsoft MVP and NinjaCat Tom Janetscheck for this demo-only session about identity, infrastructure and platform security, monitoring, and cyber threat hunting with the Microsoft cloud.

You will witness live attacks and remediations, learn how to easily implement the most important security principles (and how to avoid pitfalls) and how Microsoft security tools such as Azure AD, Azure Security Center, and Azure Sentinel complement each other so you get the most out of your environments - be it in the cloud or on premises.

Cloud Security Posture Management (CSPM) with Azure Security Center en

Even with big investments in threat detection across the security industry, studies show that bad security hygiene is still the number one reason organizations get compromised. Meaning, visibility and control over your cloud workloads’ security posture is an imperative measure to reduce the likelihood of attackers exploiting misconfigurations and known vulnerabilities in your environment.
In this session, we’ll demonstrate how to utilize Azure Security Center (ASC) to provide visibility and control over different workloads in Azure and beyond. From preventative remediation of security recommendations to the utilization of secure score as your main KPI to drive security posture management. Learn about ASCs threat detection options as well as its capabilities to address the Cloud Security Posture Management (CSPM) and Cloud Workload Protection Platform (CWPP) scenarios.

Azure Security Center 101 en de

Security is one of the main objectives when thinking about moving resources to the cloud. In this theater session you will get a high-level overview on Azure Security Center, a unified security management solution that helps you to find, fix and prevent security issues in your Azure environment.

Beyond that, Tom will show in a live demo how easy it is to attack a server and what Azure Security Center offers to prevent such an attack.

Azure Security Center en de

Sicherheit ist eines der Kernthemen, um die es geht, wenn man darüber nachdenkt, in die Cloud zu wandern. In dieser Theater-Session bekommt Ihr einen Überblick über Azure Security Center, eine einheitliche Lösung zur Sicherheitsverwaltung die Euch dabei unterstützt, Sicherheitsproblemen in Eurer Cloudumgebung vorzubeugen, sie zu finden und zu beheben. Darüber hinaus zeigt Tom in seiner Livedemo, wie einfach es ist, einen Server anzugreifen und welche Technologien Azure Security Center bietet, um das zu verhindern.

How to deploy Defender for Cloud at scale? en de

While Microsoft Defender for Cloud should be used in every hybrid cloud environment, there is a common misconception that it is enabled on Azure by default. Also, there are some wrong assumptions when it comes to Log Analytics workspace and agent designs. In this technical deep dive, we will demystify Microsoft Defender for Cloud’s onboarding process, talk about auto-provisioning of agents and extensions, and unleash the gotchas in deploying Defender for Cloud on Azure, in hybrid, or in multi-cloud environments.

How to deploy Defender for Cloud at scale? en de

Während Microsoft Defender for Cloud als Sicherheitslösung in allen hybriden und multi-cloud Umgebungen eingesetzt werden sollte, gibt es die falsche Annahme, dass der Service auf allen Azure Subscriptions automatisch aktiviert wird. Daneben sehen wir ständig wiederkehrende falsche Vermutungen bezüglich Log Analytics Workspace und Agenten Design.
In diesem technischen Deep Dive werden wir das Onboarding von Defender for Cloud entmystifizieren, über Auto-Provisioning von Agent und Extensions sprechen, und die Fallstricke im Zusammenhang mit der Bereitstellung von Defender for Cloud auf Azure, in hybriden, oder multi-cloud Umgebungen offen legen.

Sit back and relax while I secure your Azure environment en

Cloud computing and security always go hand in hand with each other. Join Azure MVP Tom Janetscheck for this live demo session to learn how (un)secure Azure ressources can be out of the box right after the deployment and what we need to do to secure and harden our environments. You will find out how to protect Azure resources from accidental deletion, how to improve your security posture in the cloud, and how to gain insights into what's going on in terms of security. But, most notably, you will learn how to make Microsoft Azure the most secure cloud platform of all!

In this demo-rich session Tom is going to cover security in Azure storage, networking, and compute as well as topics such as Azure Security Center and Sentinel, governance, and encryption.

Common sense in the world of Azure Governance en

Have you ever accidentaly deleted Azure resources or realized the different resource pricings in different Azure regions? Agile deployments and the "Let's get started" mindset are great but there are rules you need to comply with to get the best out of your Azure environments.
Join Azure MVP Tom Janetscheck to learn about Azure Governance, about what tools you have and how to use them, and what decisions you should make in advance to circle around pitfals.

Azure security - ultimate security in the cloud era en

In today's cloud era, admins struggle to keep their IT infrastructures secure. Cloud security is a shared responsibility and what we need is a new approach!

In this session, you will learn how to securely deploy and maintain Azure solutions, why automation is essential, what network security and encryption options you have, and how access control can prevent you from having sleepless nights.

We will successfully attack an Azure environment live on stage, dive deep into Azure Security Center, and see how we can use it to ultimately secure IT infrastructures on premises, hybrid, and on Azure.

Azure Security Center unleashed en

In cloud environments, management is increasingly distributed, attackers continue to innovate, and thus, cloud security management looks like mission impossible.

Join Azure MVP Tom Janetscheck for a deep-dive into Azure Security Center, witness on-stage live attacks against an Azure environment and learn what you need to know in order to secure an Azure environment.

Secure Azure resource deployments with Terraform en de

DevOps, infrastructure-as-code, and automated resource deployments are essential for obeying to governance and security concepts. Besides Azure CLI, ARM templates and PowerShell, Terraform is another tool to deploy infrastructure as code. In this session you will learn how Terraform works, what advantages it has compared to other infrastructure-as-code tools and how you can leverage it to securely deploy Azure resources.

Sichere Azure-Deployments mit Terraform en de

DevOps, infrastructure-as-code und automatisierte Bereitstellungen sind wichtig, um Governance- und Sicherheitskonzepte einzuhalten. Neben Azure CLI, ARM templates und PowerShell ist Terraform eine weitere Lösung, um Infrastructure-as-Code-Bereitstellungen anschieben zu können. In dieser Session werden Sie lernen, wie Terraform funktioniert, welche Vorteile es im Vergleich zu anderen Lösungen bietet und was es zu beachten gilt, damit Sie Ihre Infrastructure-as-Code-Bereitstellungen sicher durchführen können.

Secure DevOps: How to enable a culture of security in your DevOps team? en

“Assume breach - The question is not if there will be an attack but how to discover it as soon as it takes place!”

DevSecOps, SecDevOps, SecDevSecOpsSec - there are several terms that are excessively and permutably used to describe security in DevOps. Security has historically been important for operations and therefore still has high impact into how to run modern applications. But in a modern DevOps organization, you don’t have a separated operations team any more. This is why security nowadays needs to be established through the whole application lifecycle: starting with secure environments, secure code, testing, monitoring and application operation.
In this session, Microsoft MVPs Mike Kaufmann (Dev) and Tom Janetscheck (Ops) will give you insights into how to bring security to DevOps by means of real-life demos and notes from the field. You'll learn why governance, infrastructure-as-code and security belong together, what Microsoft Azure can offer to enhance your security posture in the cloud, and how to enable a culture of security by red team/blue team exercises and chaos engineering practices in your DevOps team.
Only with culture of security and the awareness of all participants in your entire application lifecycle you can secure your resources, your data and with it your business.

Threat hunting with the Microsoft cloud en

With the release of Azure Sentinel, Microsoft has shifted some features from Azure Security Center to their new threat hunting and SIEM/SOAR solution. But how do all the security tools Microsoft offers nowadays integrate with each other? How can you find a way through this security jungle? And how do you make sure to have the right tools in place when it comes to protecting your IT environments and hunting threats?
Join cloud security expert and Microsoft MVP Tom Janetscheck for this demo-rich session to get all these questions answered and to learn how to protect your cloud resources easily and efficiently.

Identity is the new perimeter en de

Today's IT landscape is characterised by SaaS applications, public cloud environments, and IoT. What they all have in common is identity as their central management interface. In terms of security, this means that today, it's more important than ever to securely manage identities in the cloud and on-premises and to make sure to be informed as soon as someone tries to get hold of them.

Join cloud security expert and Microsoft MVP Tom Janetscheck for this session and learn how to leverage Microsoft tools in Azure and on-premises to protect your identities, to see what happens when it happens, and how important it is to adhere to some easy principles when it comes to protecting your environments.

Hybride Identitäten - und jetzt? en de

Heutige IT-Landschaften sind geprägt von SaaS-Applikationen, hybriden Cloud-Umgebungen, und auch IoT ist eines der Schlagworte von Industrie 4.0. Was sie alle gemein haben, ist die Tatsache, dass der Schutz des Netzwerkes heute nicht mehr ausreicht, um moderne Umgebungen abzusichern. Es ist wichtiger, denn je, Identitäten in der Cloud, aber auch in der eigenen Umgebung sicher zu verwalten, damit Angriffsversuche jederzeit erkannt und abgewehrt werden, sie aber gleichzeitig auch die Angriffsfläche verringern können.

Erfahren Sie in diesem Vortrag von dem Cloud Security-Experten und Microsoft MVP Tom Janetscheck, wie Sie Microsoft-Tools sinnvoll einsetzen können, um sowohl Ihre Cloud-Identitäten, als auch Ihre lokalen Konten abzusichern. Mithilfe einer Vielzahl von Live-Demos werden Sie erkennen, welche einfachen Prinzipien notwendig sind, und wie Sie diese technisch umsetzen können, um Ihre hybriden Umgebungen vor Angriffen zu schützen, ohne Ihre Benutzer unnötig einzuschränken.

Techorama 2022 BE

May 2022 Antwerpen, Belgium

Azure Saturday - Belgrade 2020

February 2020 Belgrade, Serbia

Azure Lowlands

January 2020 Rotterdam, Netherlands

CloudBrew 2019 - A two-day Microsoft Azure event

December 2019 Mechelen, Belgium

Experts Live Europe 2019

November 2019 Prague, Czechia

Experts Live Norway 2019

May 2019 Oslo, Norway

Techorama Belgium 2019

May 2019 Antwerpen, Belgium

Intelligent Cloud Conference 2019

April 2019 Copenhagen, Denmark

AzureDay Poland

Azure infrastructure security - ultimate security in the cloud era

March 2019 Warsaw, Poland

Azure Saturday Berlin

February 2019 Berlin, Germany

Microsoft Ignite | The Tour Berlin

Sit back and relax while I secure your Azure environment

December 2018 Berlin, Germany

Experts Live Europe 2018

October 2018 Prague, Czechia

CloudBrew 2018 - A two-day Microsoft Azure event

October 2018 Mechelen, Belgium

Microsoft Ignite 2018

Two sessions about Azure Governance and Azure Security Center

September 2018 Orlando, Florida, United States

cim Lingen 2018

September 2018 Lingen, Germany

Insider Dev Tour 2018

Azure Backend Security für Entwickler

June 2018 Köln, Germany

Azure Saturday 2018

May 2018 Munich, Germany

Azure Saturday 2018 - Pre-Conference Workshop Day

Azure Governance & Security Deep Dive Workshop

May 2018 Munich, Germany

Azure Black Magic Training

Deep dive insights and hands-on training on Azure Infrastructure (storage, networking, compute)

May 2018 Munich, Germany

Global Azure Bootcamp 2018

Azure Security Best Practices

April 2018 Saarbrücken, Germany

Microsoft Tech Summit 2018

Azure Security Center,
Workshop: Build and manage your applications on Azure

February 2018 Frankfurt am Main, Germany

Azure Munich Meetup

Azure Security Center

February 2018 Munich, Germany

Azure Meetup Hamburg

Security in Azure

July 2017 Hamburg, Germany

Azure Saturday 2017

Business Continuity and Disaster Recovery in Azure

June 2017 Munich, Germany

Global Azure Bootcamp 2017

April 2017 Saarbrücken, Germany

Tom Janetscheck

Senior Program Manager, Microsoft Defender for Cloud

Saarbrücken, Germany