Pim Jacobs
Microsoft MVP & Principal Consultant @InSpark
Boxmeer, The Netherlands
Pim is an expert in Microsoft Identity Security & Network Access Security products and is one of owners of the Dutch Microsoft Entra Community. He is dedicated to the community by sharing his knowledge on meetups, events, youtube and his blog, for that he has earned the Microsoft MVP title for Security. Pim has done various designs and implementations, for customers hosting over 20.000 users, of all Microsoft Identity Security & Network Access Security products. Next to Identity Security & Network Access Security Pim has a lot of experience with the latest Microsoft products such as: Microsoft Defender, Microsoft Intune, Microsoft 365 and Windows 11
Pim is pragmatic in his approach and he listens to the requirements of customers which he translates from a functional to a technical perspective. Pim has good communication skills and able to turn complexity into simplicity. He combines keen technical expertise with a pleasant, open attitude, allowing him to build friendly relationships with colleagues and customers.
Links
Awards
Area of Expertise
Topics
Help, my developer is using secrets within his code! Defender for DevOps to the rescue!
The world we live in today can't run without software, automation and DevOps. With more and more people on earth we need to be intuitive and be smarter, meaning more and more automation. In some cases people tend to fall back to 'let's do this quick and dirty, because I've so many on my plate to work on'. This can lead to open-source dependencies, used in your code, vulnerable for attacks or worse credentials exposed in clear text.
During this session, you will learn how to take back control, in all of these matters, with the use of Defender for DevOps. We will explain how to configure Defender for DevOps, the insights it gives and guided with real-life demo's on how you can work with these insights and protect yourself against potential attacks!
After this session, you will have a clear understanding what the value-add of Defender for DevOps is and are able to implement it yourself from start to finish. This is a must-visit session for IT Pros and DevOps owners who want to make sure the right security controls are in place to protect applications and resources from code to cloud.
IT Are from Mars, (I)OT Are from Venus: Securing your IoT & OT environments with Defender for IoT
The pervasiveness, vulnerability, and cloud connectivity of Internet-of-Things (IoT) and Operational Technology (OT) devices represent a rapidly expanding, often unchecked, risk surface affecting a wider array of industries and organizations. The omnipresence of IoT therefore creates an expanded entry point and attack surface for attackers. With OT becoming more cloud-connected and the IT-OT gap closing, access to less secure or unprotected OT is opening the door for disruptive infrastructure attacks.
This session will give you an overview on how to secure your IoT and OT environment with Microsoft Defender for IoT so you don't make IoT the "Internet of Threat"! It will include walkthroughs and demo’s and integration with common solutions such as Defender for Endpoint and Microsoft Sentinel.
This is a must-visit session for those who think ‘Defense in Depth’ and want to make sure the right security controls are in place to protect IoT/OT next to IT.
Take Zero Trust to the next level with Azure AD Authentication Methods, Strengths & Contexts!
Today, protecting your valuable assets by protecting your digital identities, is important more than ever. Over the past years, organizations widely adopted Multi-Factor Authentication but that's definitely not the end goal! Today, Azure AD comes with three awesome features that can be used to improve your overall identity security, namely: Authentication Methods, Authentication strengths & Authentication context.
During this session, Jan and Pim will explain how each feature works, and more important, how they are intertwined with Azure AD Conditional Access! You will learn how to migrate and consolidate your legacy authentication methods for SSPR and Azure MFA to the new authentication methods policies. You will also learn how you can use authentication strengths to enforce phishing-resistant authentication methods to protect your valuable assets. And last but not least, you will learn how to use authentication context to protect your sensitive permissions with Azure AD. This all to take your Zero Trust approach to the next level.
After this session, you will have a clear understanding what the value-add is of Authentication Methods, Authentication Strengths & Authentication context. You are also able to implement it directly yourself from start to finish. IT Pros: it's time to buckle up for this jam-packed session and make sure the latest and greatest identity security controls are in place for your organization.
Make things easier on yourself, delegate!
With Microsoft's online services (like Azure and Office 365) a legion of possibilities are at your fingertips. But how do you prevent getting slowed down by day to day administrative work, like managing distribution lists, verifying Endpoint Manager device compliance and adding people into groups? The answer: Delegate!
During this session we will be looking into how you can delegate the usual day to day administrative tasks that go with managing Office 365, Endpoint Manager and Azure environments. By using Administrative Units, Endpoint Manager tagging, and configuring the right Exchange permissions you will be able to delegate a lot of the administrative work (overhead?) that for example your servicedesk-colleagues are fit to handle. Additionally, when implementing Identity Governance, you allow (specific) users for self-service when requesting access to specific applications, groups and Teams with the ability to set time limits on the access granted, practical for contractors as well. And finally, by implementing Access Reviews you allow (specific) users to validate active shared files to make sure no unwanted or expired access is granted to folks outside your organization. That way you can free up your time to focus on what really matters!
It can be very beneficial to delegate the right permissions and activities at the right time, to local support teams and (specific) end-/key-users, without compromising in security, by only giving out the permissions that are really required. Microsoft enables us to do just that in many ways, but what's possible and where do you start on setting this up? We will be going through the possibilities that are available for whom, and how to configure these.
Be a shepherd for your data. Protect- and prevent data leaks, it's that simple!
In a digitizing society more and more data is becoming available within the Microsoft 365 cloud today. Although we require devices to be compliant to synchronize data, users and guests are still able to download or copy data via the browser to unmanaged devices which is resulting in data leaks. During this session you'll learn how you can successfully prevent these scenarios with the use of Defender for Cloud Apps and make sure your data is protected against 'accidental' data leaks. We will show you how to configure Defender for Cloud Apps, what options are available to you and will 'leak' some live demos. After this session you'll have a clear understanding for which scenarios you're able to use Defender for Cloud Apps and how to configure this in your own environment.
Attack Surface Reduction rules... your best ally against ransomware attacks!
"Your files have been encrypted! To decrypt the files, follow the following instructions…" Behind this dreaded message is much more than the cybercriminal sending it. The deployment of ransomware is often the most visible (and painful) step in a much larger process, in which many criminal actors and activities together form a complex whole. It often drives organizations to desperation. Each stage of the ransomware kill chain offers opportunities to intervene, both offensive as well as defensive. In this session we'll focus on the defensive side and learn about reducing attack surfaces by detecting and preventing kill-chain attacks at an early stage with the use of Attack Surface Reduction rules.
After this session you're on par with the latest updates on ASR rules, guidance on how to use them effectively (we don't accept audit mode) and to gain insights with the help of advanced hunting. This is a must visit session for IT pro's who wants to break the ransomware kill chain!
Attack Surface Reduction rules... your best ally against ransomware!
"Your files have been encrypted! To decrypt the files, follow the following instructions…" Behind this dreaded message is much more than the cybercriminal sending it. The deployment of ransomware is often the most visible (and painful) step in a much larger process, in which many criminal actors and activities together form a complex whole. It often drives organizations to desperation. Each stage of the ransomware kill chain offers opportunities to intervene, both offensive as well as defensive. In this session we'll focus on the defensive side and learn about reducing attack surfaces by detecting and preventing kill-chain attacks at an early stage with the use of Attack Surface Reduction rules.
After this session you're on par with the latest updates on ASR rules, guidance on how to use them effectively (we don't accept audit mode) and to gain insights with the help of advanced hunting. This is a must visit session for IT pro's who wants to break the ransomware kill chain!
Be a guardian of your galaxy by implementing your Identity Governance strategy, it's that simple!
Starting your Identity Governance practice can be complicated, but if you take the right approach, it’s not as hard as you think either. Identity Governance exists of multiple features to govern your identity bases such as Identity Lifecycles, brand new Lifecycle Workflows, Access Lifecycles, and just-in-time access for user and guest accounts. During this session, you will learn how to get started with your Identity Governance implementation and how it can help you automate recurring tasks. Take back control as an IT administrator when it comes to the identities you’re managing and make your life easier by enabling those Identity Governance features. It’s that simple!
After this session, you will have plenty of inspiration to design your own Identity Governance strategy from start to finish. This is a must-visit session for IT Pros who want to ensure the right controls are in place for secure identity and access lifecycles!
Managing the unmanaged with Security Management for Defender for Endpoint
The security threat landscape is confusing and changing rapidly – there’s so much out there, how do you keep up to understand where the true risks are and keep your assets safe from bad actors? It all starts with insights and managing your endpoints. But what if they are not? Security Management sets the benchmark for unified protection regardless of how your endpoints are managed or aren’t managed at all. No matter how fragmented or complex the landscape of your endpoints looks, with Security Management you can manage and configure them without dependence of GPOs, SCCM, Endpoint Manager or 3rd party management. After this session you have a clear understanding of the various management scenarios, seen demo’s how the solution works and you’re able to define a strategy to kickstart your deployment to apply Security Management in your organization. Make the unknown known!
What’s new in Implementing a passwordless practice, how hard can it be?
Eliminating passwords isn’t easy, but it’s also probably not as hard as you think either. A variety of passwordless authentication options are made available to get rid of passwords, so users can use strong authentication methods like the Microsoft Authenticator App, Windows Hello or FIDO2 Security Keys. During this session you'll learn how to successfully implement an effective passwordless practice and eliminate passwords in a phased approach. This with a special focus on: ‘The latest functionalities which have been recently added’, ‘The various use-cases’ and ‘Focus on how you can use these passwordless functionalities in a hybrid world’. After this session you'll have a clear understanding what passwordless options exists, you’re able to choose the right one(s) and know how to introduce passwordless tomorrow in your environment!
Simplifying repetitive administrative tasks by using low-code solutions
Even in the fantastic world known as cloud, there are still repetitive administrative tasks that should be performed on a regular basis. Looking at Microsoft Endpoint Manager (MEM) those tasks could include something as simple as verifying the expiration date of the Apple MDM push certificate. And even though the task might be simple, the consequence could be high when tasks like these are forgotten. The same is applicable to something like expiring client secret or certificates on app registrations in Azure Active Directory (Azure AD). To avoid forgetting these types of activities, many of these activities can be relatively easy automated by using low-code solutions. In this sessions we will take you into the world of Azure Logic Apps in combination with MEM and Azure AD. We want to make you familiar with this powerful combination, and we want to help you get started by showing some nice examples.
Kickstart your Identity Governance practice in 45 minutes, where to start?
Starting your Identity Governance practice can be complicated, but if you take the right approach it’s not as hard as you think, either. Identity Governance exists of multiple components to govern your identity base, this by using identity lifecycles, access lifecycles and just-in-time access features for user and guest accounts. During this session you will learn how to get started with your Identity Governance implementation. Get back into control as an IT administrator when it comes to the identities you’re managing and even better how to make your life easier by enabling Identity Governance self-service features for your end users. After this sessions you will know what you need to do to implement an Identity Governance Strategy in your environment and what the best approach would be to go from start to finish. This is a must visit session for IT Administrators who wants to ensure right controls are in-place for secure productivity!
Azure AD Service principals, a new way hackers are using to get access!
During the first part of this session you will learn how you can prevent end users to give consents to (malicious) applications via the Azure AD. Get back in control as an IT admin by approving access to only those applications you’ve reviewed and therefore are trusted to access your company data!
In the second part of this session you will learn what a service principal is, how to create a service principal based on least access privileges and how you can make use of that in regards to automation with some live demo’s and examples!
Experts Live Netherlands 2023 Sessionize Event
Techorama 2023 Belgium Sessionize Event
Experts Live Netherlands 2022 Sessionize Event
WorkPlace Ninja Summit 2022 Sessionize Event
Techorama 2022 BE Sessionize Event
Nordic Virtual Summit 3rd Edition Sessionize Event
WorkPlace Ninja Virtual Edition 2021 Sessionize Event
Techorama 2021 Spring Edition Sessionize Event
EXPERTS LIVE NETHERLANDS 2020 Sessionize Event
Pim Jacobs
Microsoft MVP & Principal Consultant @InSpark
Boxmeer, The Netherlands
Links
Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.
Jump to top