The event will open with a presentation on incident handling. During this presentation, the participants will receive some assistance on how to react correctly in the event of an incident and how they should prepare themselves sensibly for an emergency.
The partners will then go into the security of Active Directory and Azure, show possibilities for protecting identities, present a solution for security monitoring and present an offer for managed SOC services.
The presentations in detail:
Incident Handling - How to react correctly in the event of a security incident - cirosec, Stefan Strobel
Active Directory and Azure Security - SpecterOps BloodHound Enterprise
When an IT security incident occurs in a company, it is easy for those responsible to panic and not know exactly how to react. In this presentation, we would like to provide you with some assistance on how to react correctly in the event of an incident and how to prepare sensibly for an emergency so that the damage remains as small as possible and can be repaired quickly.
BloodHound Enterprise identifies attack paths for critical components of Active Directory and Microsoft 365 environments. It prioritises and quantifies trouble spots, giving managers the information they need to identify and eliminate the highest-risk attack paths.
Identity protection - Semperis
Semperis ensures the integrity and availability of critical enterprise directory services every step of the way, protecting identities from cyber-attacks, data leakage and operator error. The solution detects vulnerabilities in directories, can defend against ongoing cyber attacks and significantly reduces the time for any necessary recovery.
Continuous monitoring as the key to greater IT security - AMPEG
The key to maximum data security is a permanent 360-degree view of all security areas of the network. Without a continuous, detailed insight into the security structure, so-called "blind spots" are created that offer ideal opportunities to penetrate the network.
BlueVoyant - Managed SOC Services based on MS Sentinel or Splunk in the Cloud
Many companies use security products from Microsoft as AV solutions, EDR or for AD monitoring. At the same time, there is an increasing need to monitor such security systems and to verify and follow up on the alarms generated there. Since the events of the various Microsoft Defenders are already in the Microsoft cloud, new SOC operating models are becoming possible, where an external service provider no longer needs to operate its own SIEM, but only needs access to the sentinel in the Azure tenant of its customers. BlueVoyant is one of the most successful providers worldwide in this new area.
IT security officers, administrators, network managers, IT managers, IT security officers, data protection officers and auditors.