Privileged identities but also DevOps pipelines with privileged access needs particular attention in a cloud environment.

Over the last years Microsoft releases many design principles, best practices and security concepts for securing privileged access in Microsoft Azure.

This includes the new "Enterprise Access Model" (as evolution from the AD tier model) but also best practices from the Cloud Adoption Framework (CAF) to design identity and access for Azure workloads and management.

In my session I will speak about security considerations and solution approaches from my research work. This includes answers to the following questions:

- Which key points should be included in desgning a secure foundation for privileged identities?
- How can I prevent privilege escalation by implementing a well-designed and delegated Azure RBAC model?
- Which aspects should be considered in securing privileged Azure DevOps release pipelines?