With the adoption of cloud-based applications and hybrid work environments, the security perimeter is redefined from firewall-based security to Identity based security. Zero Trust offers a more proactive and granular approach to security, assuming that no entity within or outside the network should be trusted without continuous verification. In this session, we explored how Microsoft Entra ID can be leveraged to implement Zero Trust principles for application security. 

We discussed the key benefits of Zero Trust, including: 

• A unified strategy: Building a security strategy that includes what you already own. 
• Enhanced security: Protecting your applications from unauthorized access and data breaches. 
• Reduced risk: Minimizing the impact of security incidents. 
• Increased productivity: Enabling secure and seamless access to applications. 

Entra ID, the Identity Management platform for all of Microsoft’s Cloud infrastructure and software services, does not only cater to traditional directory services but also application registrations and, more importantly, security. Identity administrators across the globe have been facing the enormous task of understanding application security patterns and practices. While security standards and frameworks like NIST, ISO 27001, and FISMA exist, many organizations are still figuring out how to apply these standards to Entra ID applications specifically. 

This session will give you the confidence to appropriately secure and govern your Entra ID Applications and Identities for an improved security posture and compliance with real-world standards. 

With application deployment in the Microsoft cloud as easy as adding a Teams app, Identity, and Security administrators have been inundated with applications popping up in their tenants, with very little knowledge about what they are and what they do. Yes, you should be worried.

Don't let application security vulnerabilities catch you off guard. Equip yourself with the knowledge and tools to protect your applications and the identities they're tied to in Entra ID.

Take advantage of insights that could transform your approach to SaaS application security! With SaaS applications integrated heavily into our Microsoft 365 and Entra ID tenants and user identities, ensuring their security is more critical than ever. 

Understand the 'red flags,' most significant risks, and challenges companies face and unlock the secrets of SaaS Security Posture Management.

Drawing from a decade of practical, hands-on experience with Entra ID (A.K.A. - Azure Active Directory), Nicolas Blank and Alistair Pugin share key strategies and methodologies to streamline Entra ID deployment while ensuring adherence to compliance, bolstered security, and operational efficiency. In this session, we cover: 

• Defining Clear Policies and Roles 
• Implementing Robust Access Controls 
• Designing and enforcing access control mechanisms 
• Harnessing Entra ID features 
• Monitoring and Auditing Mechanisms 
• Addressing User and App Lifecycle Management Challenges 
• Role Mapping and Privileged Access Management 

Join us for a webinar on Wed, March 20th at 10 am PST, where Alistair Pugin and Nicolas Blank will walk you through how to identify risky apps in your Entra ID tenant and, more importantly – the steps you need to take next to fix and securely configure applications. They’ll focus on things like:

• How applications are deployed 
• What security really means in Entra ID 
• How to make sure that your applications are secured 
• How to continuously evaluate your Application Security Posture

In this session, Microsoft MVPs Alistair Pugin and Nicolas Blank will explore the top 5 risks associated with application security and more, including: 

• A break down of the recent "Midnight Blizzard" attack on Microsoft
• Injection attacks 
• Broken authentication and session management 
• Sensitive data exposure 
• Security misconfiguration 
• Insufficient logging and monitoring