- 25 May 2023
Know the unknown – The hidden treasure called Graph API
In this session, I take people into the underwater world of the Microsoft Cloud and the stored data. I'll show you how to get this data out and store it in Log Analytics. We have the option of using this data from Log Analytics for reporting and monitoring purposes....
Azure
Microsoft Sentinel the modern SIEM system
Everyone says that everyone would like to implement it, but it often fails because of the costs / sizing and the fear that the system will no longer perform adequately over the years. Microsoft has the answer to these problems, with Azure Sentinel you get a modern SIEM system based on a PaaS architecture and according to the pay-as-you-go principle....
Azure
Configuration in Azure. Done right.
When handling configuration in Azure, there's a really simple and quick way to do it. And then there's the RIGHT way to do it. In this session, we'll dive into the different options Azure provides to do configuration. And of course, we will show you how to use them. We'll not only show you example code, but also how you can use it locally while debugging. Of course we won't forget the known iss...
Azure
Our journey to a modern Windows workplace
What is a modern workplace and what steps have we taken to get there? In this session, I will take you on the journey of Nationale Nederlanden to a modern workplace. Like many Enterprise companies, NN's (Nationale Nederlanden) existing workspace was a traditionally managed Windows workplace (AD joined with Configuration Manager). Our new modern workspace is a cloud-managed workspace (Azure AD jo...
(Hybrid) Datacenter and Client Management
Azure RBAC, Access policies and other Azure Myths
In this years demo driven session we will dive into the world of access to and in Azure. The goal is to finally sort out what RBAC, Access Policies, Custom Roles and App permissions are, and what they are used for. We will also figure out the challenges caused by restricted access and how to overcome this. And we will make sure that everybody knows when to use what - as always supported by live de...
Azure
How to create a future proof Azure Naming Convention
"One of the most important aspects of moving to the cloud is to create a solid naming convention. You can't rename your resources so choosing a correct name is very important. In this session I'll share some tips to create a good naming convention. Off course I'll also give you some tips of things you should avoid doing."...
Azure
Conditional Access – the good, the bad and the ugly (EN)
A "Notes from the field" session packed with best practices and learning. What works really well in Conditional Access, what are the possible problems and what do you really need to pay attention to when configuring? A foray into practical tips for planning, implementing and rolling out conditional access...
Microsoft 365
Getting WaC: Workplace as Code with M365DSC
"Looking for Modern Workplace as Code? This session will tell you all about Microsoft365DSC: Desired State Configuration for your modern workplace. Exporting and comparing configurations, using blueprints and managing your Modern Workplace deployment through CI/CD pipelines? We'll cover everything in this session"...
Microsoft 365
Unleashing the Power of Microsoft Intune Community Tools
Unlock the full potential of Microsoft Intune with the help of the community! Join us for a demo-heavy session where we showcase the best and newest tools available in the Microsoft Intune community. From automating tasks to troubleshooting, these tools will make your life as an Intune admin easier and save you valuable time. Don't miss out on this opportunity to discover hidden gems in the commun...
(Hybrid) Datacenter and Client Management
From zero to hero with Azure Arc-enabled Infrastructure in 60 minutes
"Azure Arc-enabled infrastructure is a part of the Azure Arc service that allows you to manage infrastructure from all your environments, including on-premises, other public clouds, and even edge devices, in a seamless way. In this session, Wim and Micha will start by telling you all about how it can be used to easily provision, configure, update, monitor, and troubleshoot your existing infrast...
(Hybrid) Datacenter and Client Management
Getting started with Windows AutoPatch
"Last year Ken and Tim unveiled the Windows Autopatch service at ExpertsLive. Since then the service has evolved significantly. This year they are back to bring you an overview on the latest and greatest evolutions in Windows Autopatch Windows Autopatch is a service that automates the process of managing and rolling out updates for Windows and Microsoft 365 apps. It allows for IT admins to shif...
Microsoft 365
Sentinel & SOAR: the dreamteam
Become the saviour of your SecOps colleagues and learn how to automate recurring incidents. With a proper SOAR (Security Orchestration, Automation & Response) set-up Sentinel can drastically lower the workload your analysts are facing, reduce the response time and allow your analysts to spend time on incidents which are worth their time. In this session we'll look at what SOAR capabilities Sentine...
Azure
Intune Tips and Tricks – 2023 edition
"In an ever changing world of Intune it is not easy to keep up. In this updated session Peter and Tim share common tips and tricks for the Intune administrator. Peter and Tim will bring you up to speed on the latest and greatest features and bring you simple tips to work smarter, not harder. Learn how to automate simple tasks and processes, explore some hidden features using PowerShell ,improv...
Microsoft 365
Microsoft Defender for Office 365 evasion. The story of confirmed vulnerability
"Microsoft Defender for Office 365 safeguards your organization against malicious threats posed by email messages, links (URLs), and collaboration tools. Safe Attachments routes all messages and attachments that do not have a virus/malware signature to a special environment, and then uses machine learning and analysis techniques to detect malicious intent. Safe Links provides time-of-click v...
Microsoft 365
Azure Virtual Desktop – Behind the scenes
AVD is part of Azure and can be managed with the Azure Portal, PowerShell, and other solutions. It's also integrated with other Azure services like Azure Monitor. Let us reveal the APIs to get more information about the state of AVD, creating rules to monitor the AVD backend and alerts to get informed if something goes wrong. But be careful: Protect your hands with gloves while we reveal the insig...
Azure
I got 99 problems but cloud governance ain’t one!
Lets face it: a lot of Azure environments have started with a POC and then moved to PROD without proper governance. A common scenario that introduces a lot of risks. Join this session how you can implement governance in your Azure environment using the build-in governance tools. We'll go over the proper placement of resources, subscriptions, enforce naming, creating insights in your environment an...
Azure
Going passwordless in 15 minutes
"Passwords are so 2021! Go passwordless! During this no slides/demo only lightning talk we will show you how to switch from passwords to passwordless in 15min. You will learn key point to consider during your migration and what options there are to start the journey to passwordless today."...
Microsoft 365
Automate your tenant with PowerShell and Azure Functions
This talk will introduce you to the capabilities of Azure PowerShell Function Apps for Azure administration, interactions with Microsoft 365 and much more. We'll explore the possibilities of these apps through real-world examples, and then guide you through the process of creating and deploying your own Azure Function Apps using PowerShell. With hands-on demonstrations, you'll be equipped to utili...
Azure
Never forget another Microsoft Intune administrative task by using low-code solutions
Did you ever forget to renew a certificate in Microsoft Intune? Or a token? Or did you miss that a connector was broken? If so, you're not alone! It can happen to anyone! The question that remains however is: how do you prevent that from happening the next time? In this demo-rich session we'll dive into some low-code options for checking the status of different components in Microsoft Intune, so w...
Microsoft 365
Demystify Azure AD workload identities
"Identities of apps and services (workloads) are gaining privileged access and are used on a wide scale (especially in DevOps or large high-automated environments). Attack techniques (for example, in case of NOBELIUM attacks) has shown that service principals will be used for initial and persistent access (to create a ""backdoor"" in Azure AD). Securing credentials, limit and detecting suspici...
Microsoft 365
It’s always DNS – Now including cloud native DNS resolvers!
Ever had this situation where you couldn’t reach a database or other service while it should work? In how many of these cases was the issue related to DNS in the end? The headaches of getting the DNS to work properly in complex environments with multiple domains and networks is tricky enough as it is. But now Microsoft Azure has introduced the “Azure Private DNS resolver” which is a cloud na...
(Hybrid) Datacenter and Client Management
Building a PAW for and through the cloud.
Just like in an on-premises environment, administrative access to cloud resources can be compromised fairly easily, especially if you are using your day-to-day device for both work and admin tasks. To avoid stealing your session cookie or even your PRT, you should be using a Privileged Access Workstation (PAW). In this session, Michael will walk you through the process of how you can create a Priv...
Microsoft 365
Take Zero Trust to the next level with Azure AD Authentication Methods, Strengths & Contexts!
"Today, protecting your valuable assets by protecting your digital identities, is important more than ever. Over the past years, organizations widely adopted Multi-Factor Authentication but that's definitely not the end goal! Today, Azure AD comes with three awesome features that can be used to improve your overall identity security, namely: Authentication Methods, Authentication strengths & Authe...
Microsoft 365
Azure security: The do’s and Don’ts
In this session I'll discuss the ways of having more security in your Azure environment. I'll share tips and tricks of Azure services that you can use to enhance the overall security of your Azure environment. But also I'll show some things you should avoid doing....
Azure
Sh!t we got compromised. A session on monitoring and remediation using Microsoft 365 Defender.
"Its 3 am in the night, and your phone is going crazy. Incidents are coming and in you see that a Command and Control beacon is active. No time to get coffee, start your incident response adventure using the Microsoft security stack. In this session, we will share how a series of events led to a full compromise of a domain. - What were the security misconfigurations which led to the compromis...
Microsoft 365
The quick wins in the Microsoft secure score
"Microsoft's secure score helps you identify weaknesses and improvements within your tenant. At first glance, this list of recommendations might seem intimidating and never-ending. Well… so is the security landscape. Buckle up, we are going on an adventure! In this session, we will be discussing: What is the secure score and how does it work? - How to use it as a working tool - How to...
Microsoft 365
Microsoft Security Ask me Anything
In this session we will answer your Microsoft Sentinel and Microsoft 365 Defender questions. The panel is filled with Security MVPs and SMEs from the field and will at least consist of the following: Jeffrey Appel, Jeroen Jansen, Frans Oudendorp, Olaf Hartong, Kenneth van Surksum, Derk van der Woude and Gianni Castaldi...
Azure
Just apply the basics in your Azure AD tenant!
"With Microsoft's focus on Defender for * and Azure AD Premium P2 features, you might start to believe that you can't be successful in your identity and zero trust journeys when you don't have these products and licenses. The opposite is true: without doing the basics in your Azure AD tenant, all these advanced products don't perform as well as you'd think... From their extensive experience, Sa...
Microsoft 365
Inside Windows Autopilot
Ever wondered what happens during a Windows Autopilot deployment? In this session, we'll walk through the process step-by-step, exploring all the services that work together to enable the complete end-to-end solution....
Microsoft 365
Resurrecting Active Directory After a Ransomware Attack
"With cybercrime on the rise, ransomware attacks that target Active Directory—the primary identity store for most businesses worldwide—are as common as having a cup of coffee. According to Mandiant consultants, 90 percent of cyber incidents they investigate involve Active Directory in one way or another. Given that an attack on Active Directory is a “when” rather than “if” scenario, or...
Azure