Speaker

Eric Woodruff

Eric Woodruff

Azure AD Nerd | Microsoft Security MVP

Schenectady, New York, United States

A Microsoft Security MVP, Eric has held a mix of roles through his 23 plus years in the field – as a technical manager in the public sector, a Sr. Premier Field Engineer at Microsoft, and a Security and Identity Architect in the Microsoft partner ecosystem. Currently working at the ITDR pioneer Semperis as a Product Technical Specialist, Eric’s unique history from “different sides of the fence” combine and lend to his Microsoft Identity expertise as well as his views on the identity and security industry. During his free time, he participates on the IDPro Body of Knowledge Committee, blogs about Azure AD and related cloud security topics, and works to support the industry community.

Awards

Area of Expertise

  • Information & Communications Technology

Topics

  • Azure AD
  • Azure AD B2B
  • Azure Active Directory
  • Microsoft 365
  • Identity and Access Management
  • Identity Governance
  • Identity Protection
  • Microsoft Identity
  • Microsoft Defender for Identity
  • Digital identity
  • Azure Hybrid Identity
  • Microsoft 365 Security
  • Azure Security
  • Identity Design
  • Microsoft Identity Platform
  • FIDO2
  • Active Directory
  • Passwordless

Identity and Security: It’s time for a hug

While the roles of identity and security practitioners have been around for a good long time, the two groups have not always operated with cohesion, even in the world today where the saying goes - identity is the new security perimeter.

Some of this separation has grown out of history – Active Directory has historically been managed by infrastructure teams, vendor and OS differences have increased tension, and even in organizations where “everyone is a security practitioner” is a motto, the separation between security and infrastructure teams is apparent.

We are at a turning point, and we have a choice of how to forge the path ahead. While we have a good set of identity-related security researchers, many identity and security practitioners at organizations are siloed, and many times working in different directions.

It’s time that we come together and build these relationships, even if the companies we work for are not forging them.

This talk will focus on how identity and security can effectively work together, both technically and culturally. The experience gathered for discussion is from my experience having worked in organizations with polarized teams, as well as my time at Microsoft and at Microsoft partners as a consultant, having had conversations, workshops and engagements with hundreds of customers covering topics around identity and security. It will also focus on the need to bring identity into the security conversations – not just from a technology perspective – as many security products focus on identity technologies – but from a cultural perspective within the industry.

BSides SLC

December 2022 Sandy, Utah, United States

Eric Woodruff

Azure AD Nerd | Microsoft Security MVP

Schenectady, New York, United States