Conditional Access Policies in Microsoft Entra allows to empower users to be productive wherever and whenever but also protect the organization's assets. It's an essential component of the identity-driven security approach in Azure Active Directory. It also plays an important role as "Policy Engine" in Zero Trust implementations to "always verify" access by context and control.

Deep integration with Azure AD Identity Protection, Microsoft Cloud App Security but also 3rd Party allows extension of conditions and controls.

In this session we will do a walkthrough including hands-on demos, known limitations and notes from the field:

1. Overview of Conditional Access Policies
- Security Defaults vs. Custom Policies
- Principals of Signal, Decision and Enforcement

2. Design and Implementation
- Naming Convention
- Policies As Code
- Management of Exclusions

3. Common use cases and policies

4. Extension of Conditions and Controls
- User and Sign-In Risk with Azure Identity Protection
- App Control to Microsoft Cloud App Security

5. Monitoring and Reporting
- Insights and Workbooks
- Azure Sentinel