Eric Woodruff

Eric Woodruff

Identity Nerd | Microsoft Security MVP

Schenectady, New York, United States

As a Microsoft Security Most Valuable Professional (MVP) and Microsoft Certified Trainer (MCT), Eric has held a mix of roles through his 23 plus years in the IT field. He has been a technical manager in the public sector, a Sr. Premier Field Engineer at Microsoft, and a Security and Identity Architect in the Microsoft partner ecosystem. Eric is currently a Product Technical Specialist at the ITDR pioneer Semperis, where his unique history from “different sides of the fence” strengthen and influence his Microsoft identity expertise and his views on the identity and security industry. In support of the professional community, Eric has spoken about identity security topics, participates on the IDPro Body of Knowledge Committee, and blogs about Entra and related cloud security topics.


Area of Expertise

  • Information & Communications Technology


  • Azure AD
  • Azure AD B2B
  • Azure Active Directory
  • Microsoft 365
  • Identity and Access Management
  • Identity Governance
  • Identity Protection
  • Microsoft Identity
  • Microsoft Defender for Identity
  • Digital identity
  • Azure Hybrid Identity
  • Microsoft 365 Security
  • Azure Security
  • Identity Design
  • Microsoft Identity Platform
  • FIDO2
  • Active Directory
  • Passwordless
  • Microsoft Entra
  • EntraID
  • Entra
  • Entra ID
  • AAD
  • passkeys
  • Identity Security
  • Identity Architecture
  • Information Security
  • cybersecurity
  • Emerging Cybersecurity Topics
  • Microsoft MVP
  • MVP
  • MS-MVP
  • Identity and Access Management security and Least-privilege Authorization

BSidesChicago 2023 Upcoming

November 2023 Chicago, Illinois, United States

CollabDays New England 2023 Upcoming

Session is "The common findings from real world Entra ID Security Assessments"


October 2023 Burlington, Massachusetts, United States

Triangle InfoSeCon 2023 Upcoming

October 2023 Raleigh, North Carolina, United States

Blue Team Con 2023

At Blue Team Con 2023 I delivered the session "Building Yourself Into a Stronger Identity Practitioner" to help security professionals understand the breadth and depth of blue and purple team positions available within the world of identity.


August 2023 Chicago, Illinois, United States

HIP Global 2023

My session was "Filet-O-Phish: What makes phishing-resistant authentication phishing-resistant", covering both why many forms of MFA and authentication are not resistant to modern phishing attacks, and why passkeys and technology like Windows Hello for Business are. The session included a live demonstration of the use of evilginx to perform a phishing attack and token replay to breach a users account into Office 365.

With the disappearance of the network perimeter, identity has become the last line of defense from cyberattacks. Hybrid Identity Protection (HIP) is a global events series focused on helping organizations meet the identity and access management challenges that arise in today’s fast-moving business environment. Our mission is to make the world a safer place through intelligent collaboration and knowledge sharing.

August 2023 New York City, New York, United States

Community Days NYC 2023

July 2023 Manhattan, New York, United States

BSides Rochester 2023

A discussion covering the management plane/metastructure for cloud environments, the relationship between the control plane and the management plane, and how highly privileged access could allow for vast access to resources if breached.

March 2023 Rochester, New York, United States

BSides SLC

December 2022 Sandy, Utah, United States

HIP New York 2022

November 2022 New York City, New York, United States

Eric Woodruff

Identity Nerd | Microsoft Security MVP

Schenectady, New York, United States