Last week, my colleague Jürgen and I had the pleasure of hosting a hands-on workshop at the TechConference in Vienna. The topic? One that’s increasingly critical in today’s hybrid identity landscape: Attack & Defense with Microsoft Entra.
🎯 Understanding the Threat Landscape
We kicked things off by diving into real-world attack patterns targeting identity infrastructures. From token theft to privilege escalation via misconfigured Conditional Access policies, we showcased how attackers think—and more importantly, how they move.
Participants got to see live demos of:
- Pass-the-Token attacks
- Consent phishing scenarios
- Abuse of legacy authentication protocols
The goal was clear: help attendees understand the anatomy of modern identity-based attacks.
🧰 Defense Strategies That Actually Work
After the adrenaline rush of the attack simulations, we shifted gears to defense. Using Microsoft Entra’s capabilities, we walked through how to:
- Harden Conditional Access policies
- Implement Identity Protection risk-based automation
- Monitor risky sign-ins and token anomalies
- Use Entra ID Governance to reduce standing privileges
We emphasized the importance of Zero Trust principles and how Entra can be a powerful ally in enforcing them.
🤝 Interactive, Practical, and Real
What made this workshop stand out was the open and engaging atmosphere. Instead of hands-on labs, we focused on live demonstrations and interactive discussions. Attendees followed along as we simulated real-world attack scenarios and walked through defense strategies step by step.
The audience was highly engaged—asking sharp questions, challenging assumptions, and sharing their own experiences. It turned into a dynamic exchange that went far beyond a typical slide deck.
🚀 What’s Next?
Let’s just say: stay tuned and be ready. We’ve got some exciting things in the pipeline—but we won’t spoil the surprise just yet. 😉
Big thanks to everyone who joined us in Vienna. And of course, to the TechConference team for putting together such a fantastic event.
Leave a Reply