Microsoft Entra ID has become an essential part of the "Identity & Access Management" in many organizations. Critical business applications and cloud services are integrated to Microsoft's cloud-based identity platform but also components to support hybrid identity scenarios in Active Directory (on-premises) have been implemented.

On the other hand, the "new control plane" is a growing target for cybercriminals. Microsoft Entra offers many security features and integration to other (Microsoft) security solutions to protect (hybrid) identities. But what are security considerations that should be considered in the design and implementation of a modern identity infrastructure? How can you track posture management changes and their impact in your environment?

In this session, I will talk and demonstrate a few usual examples of "misconfiguration" or weak implementations regarding the following four subject areas:

- Identity Security Posture and usual misconfiguration of security-related tenant settings
- Weakness in Conditional Access Policy Designs and risks of Token replay attacks
- Privileged Identity and Access in Microsoft Entra ID and "overlooked" privileged access paths
- App Integration and abuse by overprivileged workload identities