Handing over the keys to your authentication systems to a cloud provider can be a big ask for many security people. In a zero-trust world, where breaches occur daily, it's important to know and understand how protections are configured and managed by your cloud provider. In this session, we'll look at how Microsoft Azure Active Directory protects identity for organizations running Office 365, Azure and other Microsoft services. We'll dig into the logic behind the alerting and how you can use this logic to further secure your identities and access to sensitive data in your own environment. Lastly, we'll take a look at how the Solorigate attack took place and how that impacts an organization's strategy for detecting and protecting attacks on their identity infrastructure.