Site icon Martin Haller, A blog about corporate IT protection and management

Talk: Microsoft Entra ID – Defense

Finally, the part for which I delved into the whole study of Entra ID. As defenders, we need to properly secure/protect the Entra ID environments of our clients. However, without studying the attacks – motivations, tactics, techniques, and procedures (TTP 😊), our defense would be based only on feelings.

With this part, I conclude our short series (in terms of the number of parts, not the amount of time – approximately 6 hours of training) on Entra ID:

If you haven’t seen the previous parts, I definitely recommend starting with them – the entire training is interconnected.

Microsoft Entra ID – Defense

Just like with the defense of on-premise environments, we build the defense of Entra ID on several pillars:

As always, I have prepared the mentioned topics for you, including illustrative demonstrations. I hope you will enjoy the training and that it will bring you new information, knowledge, or perspective. (slides)

As I mention at the end of the training, securing Entra ID doesn’t end with this episode, it rather begins. Microsoft 365 / Office 365 is an extensive and rapidly evolving environment. And it doesn’t look like the development will slow down in the coming years.

Tools we chose

When I was recording the training, I was still hesitating between several tools. In the end, we chose AdminDroid for archiving logs, reporting, and alerting.

This year we invested in new powerful servers, and we like the option of operating AdminDroid ourselves. We gain (at a good price):

We supplement AdminDroid with our own scripts that check the configuration of individual tenants and audit things with more complex logic.

Conclusion

This internal training was a matter for us in August/September (I’m publishing it on the blog with a delay). Now I’m already rested and working on internal training for Intune and MS Defender. Hopefully, everything goes smoothly 🤞.

May your networks stay secure,

Martin

Do you like topics, I write about?

It is not necessary to periodically visit my blog to check if there is a new article. Subscribe below for notifications. You will be the first one who will know about new article.

Exit mobile version