Azure AD Authentication Methods - What's hot or not?

With legacy authentication being disabled randomly on tenants from October 1, 2022. It has never been more important to look over the authentication methods you are offering to your users in conjunction with MFA.

Join Luke and Nathan in this quick-fire session as they are run over:

What authentication methods are available in Azure AD
What are the most/least secure methods available?
How do you ensure your Azure AD authentication methods have configured have the smallest attack surface?
How to move your users from insecure methods?

Technologies in this session will be

Azure AD

From Phish to Exfiltration: Safeguarding Your Organisation with Microsoft Security

Cyber attacks have become increasingly sophisticated, often targeting users through collaboration tools like Microsoft Teams. Attackers leverage techniques like AiTM (Adversary-in-the-Middle) to steal user credentials and execute automated data exfiltration before defenders even realise what’s happening. Organisations need to understand these emerging threats and how to defend against them effectively using Microsoft technologies.

What will be covered:
- How Teams phishing and social engineering attacks can unfold and mitigation techniques using Teams, and Defender for Office 365.
- Credential theft through AiTM reverse proxy attacks and the role that Conditional Access, Entra ID and Defender XDR has in mitigating these threats.
- Potential attacker footholds (persistence), how you can limit and proactively threat hunt for potential attempts.
- How to effectively configure Privileged Identity Management to stop privilege escalation in it's tracks.
- Automated data exfiltration and how Microsoft Purview and Defender for Cloud Apps provide visibility and protection.

By joining this session, attendees will gain a practical understanding of how cyber attacks evolve through phishing, session theft, and data exfiltration. They will learn how to deploy Microsoft’s security solutions to detect, prevent, and mitigate these threats, strengthening their defences against real-world attacks.

Products:
Defender for Office 365, Defender for Endpoint, Defender for Cloud Apps, Defender for Identity, Entra Identity Protection, Conditional Access, Privileged Identity Management, Microsoft Information Protection.

This session was delivered at Scottish Summit 2024 but with a Harry Potter twist to it - Decided to switch it up and remove the HP theme.

Defence Against the Digital Dark Arts: Securing the Wizarding World of Microsoft 365

In an era where dark forces loom not just in the shadows of enchanted forests but in the very wires and waves of our internet, the need for wizards and witches skilled in the Digital Dark Arts of cybersecurity has never been greater. Join us at this unique gathering, where the mundane meets the magical, to embark on an educational adventure through the wizarding world of Microsoft 365.



In "Defence Against the Digital Dark Arts: Securing the Wizarding World of Microsoft 365," we'll dive into the spellbinding realm of cybersecurity, where phishing spells, ransomware curses, and the dark enchantments of credential stuffing threaten the peace of our digital domains. We'll conjure demonstrations in a controlled Chamber of Secrets, revealing how these attacks manifest in the Microsoft 365 and Windows environments. But fear not, for we shall not leave you defenceless.



Armed with the enchanted shields of Microsoft Defender, the protective wards of Microsoft Entra, and the secretive cloaks provided by Microsoft Purview, we will teach you how to cast powerful counter-spells to protect your magical and muggle realms alike. From setting up spell-bound defences against phishing to conjuring barriers against the dark forces of ransomware, and enchanting your digital identity against credential theft, this session is your grimoire to combating the nefarious threats lurking in the digital shadows.



Prepare to be sorted into your cybersecurity houses, where you'll learn not just to defend against the Digital Dark Arts, but to foresee, prevent, and respond with the wisdom of Dumbledore and the courage of the Order of the Phoenix. Whether you're a seasoned cybersecurity wizard or a curious muggle eager to explore the magical world of digital defence, this session promises to be an enchanting adventure.



So, grab your wands, don your robes, and join us in this spellbinding session that promises to be as educational as it is entertaining.



In this session we will explore a variety of Microsoft 365 security services and features designed to protect against some of today's most common attacks.

Here's a list of services that will be covered:


Microsoft Defender for Office 365

Microsoft Defender for Endpoint

Microsoft Entra Identity Protection

Microsoft Defender for Cloud Apps

Microsoft Purview Information Protection

Microsoft Purview Data Loss Prevention

Microsoft Entra Conditional Access

Was delivered at Scottish Summit 2024