Cloud-Powered Compromise Blast Analysis - In the Trenches with Microsoft IT
Offered By: RSA Conference via YouTube
Course Description
Overview
Dive into a comprehensive exploration of Microsoft's innovative approach to identity compromise detection and remediation. Discover how the Identity Security and Protection team safeguards millions of authentications while protecting their own systems. Explore the collaboration between Microsoft's Identity product team and IT department in developing advanced blast analysis methods. Learn about the utilization of cloud logs, SIEMs, and advanced telemetry to uncover and address security breaches. Gain insights into the challenges of managing high-volume authentication processes and the importance of effective filtering techniques. Understand the critical role of identity as the new security perimeter and how Microsoft leverages its position as both a target and a customer to enhance security measures. Delve into the significance of credential management, log analysis, and the application of KQL in security operations. Benefit from lessons learned in the cybersecurity battlefield and get a glimpse of future developments in identity protection strategies.
Syllabus
Introduction
Microsoft is a target
Our battle ground
Identity is a new perimeter
Microsoft is a customer
Volume and scale
Filtering
Why is this important
Credentials
Logs
KQ
Working with Microsoft
Lessons from the Battle
Whats Next
Taught by
RSA Conference
Related Courses
Computer SecurityStanford University via Coursera Cryptography II
Stanford University via Coursera Malicious Software and its Underground Economy: Two Sides to Every Story
University of London International Programmes via Coursera Building an Information Risk Management Toolkit
University of Washington via Coursera Introduction to Cybersecurity
National Cybersecurity Institute at Excelsior College via Canvas Network