Workload Identity - The Future of Server Credentials | HYBRID


Details
Join us for an insightful event exploring “Workload Identity” in the context of Azure and Kubernetes clusters. As digital transformation accelerates, traditional server credential management methods are becoming outdated. Discover how the concept of “Workload Identity” leverages identity federation and cloud-native technologies to enhance security, streamline credential management, and mitigate breaches.
THIS MEETUP WILL BE HYBRID. | Join remotely via this Zoom Link
*** AGENDA ***
- 6:30 PM | Doors open. Grab some snacks & drinks.
- 7:00 PM | Welcome & Intro | Start of hybrid meetup
- 7:05 PM | Overview and Security of Microsoft Entra Workload ID by Thomas Naunheim (Cyber Security Architect @glueckkanja AG, Microsoft MVP)
- Short break
- ~8:05 PM | Workload Identity for applications without static credentials by Christian Fritz (Software Architect, QAware GmbH)
- afterwards: More snacks & drinks, and a lot of time for networking with all attendees and speakers.
*** ABSTRACTS ***
Overview and Security of Microsoft Entra Workload ID by Thomas Naunheim (Cyber Security Architect @glueckkanja AG, Microsoft MVP)
Identities of apps and services (workloads) are gaining privileged access and are used on a wide scale (especially in DevOps or large, highly automated environments).
Attack techniques (for example, in the case of the NOBELIUM attacks) have shown that service principals will be used for initial and persistent access (to create a "backdoor" in Entra ID).
Securing credentials, limiting and detecting suspicious access, or managing the lifecycle of workload identities can be a challenge.
In this session, I would like to give an overview of the different types of workload identities, common (sensitive) use cases, and how attacks or abuse can be mitigated in the different phases of the lifecycle.
Workload Identity for applications without static credentials by Christian Fritz (Software Architect, QAware GmbH)
Normally, the process is always the same: enter your access data and you have access to the service or can obtain a client credential token from the token provider. This is simple, but also dangerous, because the credentials that grant you access are hardly ever changed. This is exactly where workload identity comes into play, where the identity of the calling application itself grants access.
The talk explains the concept of workload identity, shows where it can already be used today and offers ideas for utilisation at service level inside a Kubernetes cluster.
*****************
Please note that photos are taken during the meetup. If you do not want to appear in the photos, please contact the meetup team at the beginning of the event.
