Get the most out from Microsoft Defender XDR

Empowering Your Security Defense with Microsoft Defender XDR

In today’s rapidly evolving threat landscape, organizations face increasingly sophisticated cyberattacks. Microsoft Defender XDR (Extended Detection and Response) is a comprehensive security solution designed to safeguard your digital assets across endpoints, identities, email, and cloud services. In this session, we explore how Microsoft Defender XDR goes beyond individual features, providing a holistic defense strategy.

Ready to harness the full potential of Microsoft Defender XDR? Dive deeper into its capabilities, explore best practices, and learn how to optimize your security posture here.

Remember, Microsoft Defender XDR isn’t just a product; it’s a strategic approach to defending your digital assets against evolving threats.

Securing the Unseen: Microsoft Defender for IoT Explained

As organizations increasingly adopt Internet of Things (IoT) devices, ensuring their security becomes paramount. Microsoft Defender for IoT offers a multi-layered defense approach, combining agentless monitoring via passive network traffic analysis (NTA) with endpoint micro-agents. In this session, we’ll delve into the architecture, deployment strategies, and real-world use cases of Defender for IoT. Join us to learn how to protect your IoT devices effectively and enhance your overall security posture.

Microsoft Defender for IoT provides comprehensive threat detection for IoT/OT environments. Whether you’re dealing with cloud, on-premises, or hybrid networks, this powerful solution helps safeguard your connected devices. In this session, we’ll explore the key features, deployment options, and best practices for securing your IoT infrastructure.

From Prompt to Playbook: Automating SOC Response with AI in Microsoft Sentinel

Automation in the SOC has traditionally required deep expertise in workflows, APIs, and scripting. But with the new AI-powered playbook generation in Microsoft Sentinel, that paradigm is changing.

In this session, we’ll explore how to use natural language to generate fully functional, code-based playbooks—transforming how security teams design and deploy automation. Powered by Microsoft Security Copilot, the playbook generator enables you to describe your intent and automatically produce Python-based workflows, complete with documentation and visual flow diagrams.

We’ll go beyond the basics and dive into advanced scenarios, including integration with external systems, enrichment pipelines, and decision-driven automation. You’ll learn how to design effective prompts, validate generated logic, and operationalize playbooks at scale using automation rules.

By the end of this session, you’ll understand how to shift from manual SOAR engineering to AI-assisted automation design, while still maintaining control, governance, and reliability.

Event-Driven Compliance: Advanced Microsoft Purview Automation with Advanced Workflows

Modern compliance requires real-time, automated responses to ever-changing risks. In this deep-dive session, we’ll explore how to build event-driven architectures around Microsoft Purview using the Azure Platform.

We’ll cover advanced scenarios such as chaining Purview events into multi-step workflows, integrating with security operations tools, applying conditional logic for policy enforcement, and building resilient, reusable automation patterns.

Designed for architects and advanced practitioners, this session focuses on practical implementation strategies, design considerations, and lessons learned from the field.

AI in the SOC: Hype vs Reality with Microsoft Defender XDR and Security Copilot

AI is everywhere in security—but is it actually making analysts better, or just faster? In this session, we critically examine how Microsoft Defender XDR and Microsoft Security Copilot impact real-world SOC operations. Through live scenarios, we’ll separate marketing from reality, showing where AI truly adds value—and where human expertise is still irreplaceable.

Identity Governance - A valid and secured Identity is gold!

A valid and secured Identity is gold!
Azure Active Directory (Azure AD) identity governance enable organizations to efficiently manage group memberships, manage access to enterprise applications and define role assignments. User's access can be reviewed on a regular basis to make sure only the right people have continued access. Identity governance helps you out in following cases:

- Manage your users with privileged roles
- Manage group access
- Using Just In Time access (JTA)
- Provide business critical data access
- Have reviews recur periodically

And more.
This session will help you to understand how access reviews and identity governance can help you with the this challenges.

Protect and review your access rights, permissions and guest users in Azure AD. An easy task? Yes, use Identity Governance!

Still behind the firewalls? Time to Zero Trust!

Zero Trust is a security model centered on the belief that organizations should not automatically trust anything inside or outside its perimeters and instead must verify anything and everything trying to connect to its systems before granting access. Implementing a true Zero Trust Model requires that all components of the model - identities, devices, apps, networks and applications — be validated and proven trustworthy. In an ideal Zero Trust environment, this contains scenarios like:

- Strong identities
- managed and trusted devices
- Least-privilege user rights
- Service health is verified

In this session we will identify some of this core scenarios for a real Zero Trust Maturity model using Microsoft cloud solutions.
Zero Trust: "Never trust, always verify".

Zero Trust access architecture addresses the modern security challenges that come with cloud migration and a mobile workforce. By implementing Zero Trust, Microsoft takes a layered approach to secure corporate and customer data.

Microsoft Purview - Getting started and keep an eye on your data!

You started with Microsoft 365, great! A lot of your data now moved to the cloud, so what's next? This session will show you how to get a good start on data protection using Microsoft Purview, especially Compliance Mangeer, Information Protection & DLP. Get the full overview of what Microsoft Purview is and how it can help protect our data at rest. Covering everything you need to know, to get started with data classification and how to use Sensitivity Labels on file and group levels to protect your data. And one of the most important: Know where your data is stored, even if data is travelling!

This session will show you how to get a good start using Microsoft Purview.

The immutable laws of security

Since the original immutable laws, information security has grown from a technical discipline into a cybersecurity risk management discipline that includes cloud, IoT and OT devices. Now security is part of the fabric of our daily lives, business risk discussions, elections, and more.

This session will cover the 10 laws of cybersecurity risks and show, how you can prevent against attackt during your daily job. A small extract of a few of this laws are:
"Cybersecurity is a team sport", "your network isn’t as trustworthy as you think it is" and "technology doesn't solve people and process problems". We will cover 7 more.

Since the original immutable laws, information security has grown from a technical discipline into a cybersecurity risk management discipline that includes cloud, IoT and OT devices. Learn more about the 10 laws of cybersecurity risks.

Still behind the Firewall? Use Microsoft Global Secure Access

In this session you will learn how to get startet withe the new Microsoft Global Secure Access. This contains Entra Internet Access & Entra Private Access. With Entra Internet Access you can extend adaptive, granular access controls for any remote user, device endpoint, or branch network as they connect to any internet destination and SaaS app without these destinations requiring native federation with identity providers.
Microsoft Entra Private Access, an identity-centric Zero Trust Network Access (ZTNA), reduces the operational complexity and cost of legacy VPNs, while eliminating excessive access and preventing lateral movement
We will provide you an overview, many demo's of how to configure the services and notes from the filed.

Use Entra Internet Access & Entra Private Access in your envoirnment. See in demo's and notes frome the files how it works.