Morten Knudsen

Morten Knudsen

Microsoft MVP Security & Azure Hybrid MVP, MCT, Cloud & Security Architect

Kolding, Denmark

Morten is Microsoft MVP Security & Azure Hybrid MVP, MCT and holds +20 active certifications. As a Cloud & Security Architect, he is very passionate about Azure Infrastructure, M365, Automation, Security, Hybrid Cloud - and blogs about these topics on mortenknudsen.net. He loves to travel with his family and is a PADI Dive Master & PADI Master Scuba Diver.


Area of Expertise

  • Information & Communications Technology


  • Logging
  • Security
  • defender for endpoint
  • Microsoft 365 Defender
  • Microsoft Defender for Cloud
  • Microsoft sentinel
  • Automation with PowerShell
  • Azure AD
  • Azure Arc
  • Defender for Identity
  • Microsoft Defender for Office 365
  • Microsoft Defender for Cloud Apps
  • Defender
  • azure defender
  • Microsoft Defender for Endpoint
  • Azure Identity Management
  • Identity Management
  • Identity Governance
  • Office 365 Identity
  • Azure Hybrid Identity
  • Microsoft (Azure) Identity
  • Identity and Access Management
  • microsoft defender
  • Microsoft Identity
  • Cloud Adoption Framework
  • Cloud Security
  • Cloud Automation
  • Cloud Technology
  • Cloud Security Architecture
  • Cloud Native Infrastructure
  • Cloud strategy
  • Cloud Advisory

Modern SecOps Management with Unified XDR, SIEM and Microsoft Security Copilot

In the realm of modern security operations (SecOps) management, the integration of XDR, SIEM, threat intelligence and Microsoft Security Copilot has revolutionized the landscape.

Throughout the session, we'll delve into subjects encompassing unified security administration, improved threat identification and response, and the utilization of AI-driven insights. Additionally, we'll explore how AI can simplify operations by correlating and integrating data across diverse security systems.

Witness live demonstrations illustrating how SOC Analysts can seamlessly navigate from detection and prevention to investigation and swift response using generative AI. These demos will showcase the effortless integration and management of security data across various environments, including endpoints, SaaS platforms, on-premises networks, and cloud infrastructure.

If you're seeking to elevate your security management practices, this session is a must-not-miss opportunity.

Entra Private Access: Secure identity based access to any app, anywhere from any device

Learn how Microsoft Entra Private Access provides your users - whether in an office or working remotely - secured access to your private, corporate resources using any private resource, port, and protocol – all using technologies that your admins knows and using licenses you might already have.

During the session, you will see how you can provision a secure tunnel access with SMB, RDP, SSH, HTTPS access to internal servers - all using technologies like Entra ID Enterprise Apps, Entra Conditional Access, Entra App Proxy, Windows Hello Cloud Kerberos Trust and Global Secure Access; Microsoft's Security Service Edge solution.

Microsoft Entra Private Access is a game-changer !

Mastering Your Logging Ninja Skills with LogAnalytics v2

Are you prepared for the deprecation of Azure LogAnalytics (v1) with Microsoft Monitoring Agent and HTTP Data Collector API? If not, this session is designed to provide you with comprehensive insights on navigating the transition smoothly to DCR-formatted logs, Azure Monitor Agent, and Log Ingestion API (LogAnalytics v2).

Get ready to delve into understanding Data Collection Rules, the Data Collection Endpoint, Table management, and mastering schema management. Additionally, learn effective methods to transform your data to address cost optimizations or comply with regulatory requirements.

For those new to LogAnalytics, this session offers inspiration on how leveraging custom log data can provide significant value for desired state reporting, monitoring, and troubleshooting.

By the session's conclusion, you'll also have learned about a Powershell module, AzLogDcrIngestPS, which is recommended by Microsoft in the official Learn documentation and has surpassed 1 million downloads within its first year. During this session, you'll have the opportunity to hear from the module's creator, empowering you to become proficient in logging like a ninja.

Level 300-400.
Duration of 45-60 min.

1) Get everyone ready before deprecation of MMA and HTTP Log Collector API
2) Understand the pitfalls and how to navigate around this using the provided PS module and guides
3) Learn the power of Data Collection Rules including data transformation (cost, compliance, normalization)

Previous sessions (pictures):

Unleash the Power of Azure Resource Graph

In this session, you'll gain profound insights into effectively querying the status of your Azure resources on a large scale, almost in real-time. This will encompass utilizing various tools such as the portal, Azure CLI, Powershell, .NET, Go, Java, JavaScript, Python, Ruby, and REST.

Expect an engaging demo-packed session that will showcase numerous samples illustrating use-cases such as automation, change tracking, health monitoring, resource inventory, and security and compliance audits.

Furthermore, by the session's conclusion, you'll have learned about an helpful (and free) Powershell module known as AzResourceGraphPS. This module offers over 100 pre-built KQL queries for Azure Resource Graph, and you'll have the opportunity to hear from the module's creator during this session.

Level 300. Duration of 45-60 min

1) Learn the power of Azure Resource Graph to query the state of Azure Resources at scale in near real time
2) Show real-life examples of how to query the data from lots of use-cases
3) Introduce participants to repository with +100 queries ready to use in their own environment

Privileged Access Strategy: Best Practices and Common Mistakes when Tiering Cloud and AD

Gain insights from real-life experiences on how to craft an effective privileged access strategy that supports "Just Enough, Just In Time" access while maintaining control and avoiding potential security breaches.

Explore the various use-cases, potential pitfalls, and limitations inherent in implementing privileged access using the Microsoft Enterprise Access Model, tailored to scale across multi-cloud environments and on-premise Active Directory setups.

Discover how to manage delegations to IT personnel and end-users using Entra Privileged Identity Management. This session will showcase specific examples of privileged access designs for platforms like Power BI, Azure Landing Zones, Intune, and more.

Still using legacy Active Directory, but would like to get PIM for AD, then come to this session to see it - based on PIM for Entra ID combined with AD TTL group membership.

By the session's conclusion, you'll also have learned about various useful (and free) community add-ons developed by the speaker, including tools like PIM Assignment Revoker, PIM Assignment Wizard, PIM Assignment Exporter, and PIM Baseline Automation.

Time 45-60 min.

1) Lessons learned of how to design privileged access strategy to scale to on-prem and multi-scale
2) Show real-life examples (templates) of how to support well-known workloads like Power BI, Azure landing zones, Intune, Exchange, etc.
3) Introduce participants to extra (free) add-ons to support advanced needs in PIM

Become a Intune Logging Ninja using Azure Custom Logs and Dashboards

Get ready to delve into understanding how you can use Intune and Azure to harness valuable custom data for insightful analysis of your infrastructure's security, operational health, costs, warranties, and more. Gain exclusive access to a community package of 15 dashboards and essential scripts – all complimentary and readily deployable.

For those new to LogAnalytics, this session offers inspiration on how leveraging custom log data can provide significant value enabling comprehensive state reporting, proactive monitoring, and troubleshooting.

Acquire the expertise to utilize KQL effectively, empowering you to query and present collected data across diverse formats, from dynamic dashboards to responsive alerting systems and versatile workbooks.

In addition, uncover the power of a highly recommended PowerShell module, AzLogDcrIngestPS, endorsed by Microsoft within their official Learn documentation. Boasting over 1 million downloads in its inaugural year, this session offers a unique opportunity to engage with the module's creator, empowering you to become proficient in logging like a true ninja.

Mastering Desired State Management with Microsoft KPIs and Recommendations

Learn how to pinpoint desired state deviations from best practices in your infrastructure, workloads, security, and identity management using Microsoft KPIs.

Understand how you can prepare your management about moving from "as-is" to "to-be" is a maturity journey which requires their involvement and understanding - especially when dealing with exceptions. We will go into deep, when and why exceptions occur and how to deal with them.

Get inspired of how to use custom logs to collect critical data from clients and servers to implement business specific KPIs and to detect deviations.

Experts Live India 2024 Sessionize Event

February 2024 Bengaluru, India

Azure Saturday Hamburg 2024 Sessionize Event

January 2024 Hamburg, Germany

India Cloud Security Summit 2023 Sessionize Event

December 2023

European Cloud Summit 2023

Automating the Transition to Log Ingestion API & Data Collection Rules for your Logs in LogAnalytics

December 2023 Wiesbaden, Germany

NIC Cloud Connect 2023 Sessionize Event

November 2023 Oslo, Norway

Azure Back to School 2023 Sessionize Event

September 2023

Global Azure 2023 - Bengaluru Sessionize Event

May 2023 Bengaluru, India

Morten Knudsen

Microsoft MVP Security & Azure Hybrid MVP, MCT, Cloud & Security Architect

Kolding, Denmark

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top