Security Ninja User Group 2412

Agenda
----------
8:15 Welcome and Ignite Recap - Thomas Kurth
----------
8:30 Deception with Defender - From Endpoint to Identity - Sven Gasser
Join us for an insightful session on the concept of deception in cybersecurity. Sven Gasser will delve into the idea and concept behind deception, explaining how it serves as a powerful tool to disrupt and break the kill chain in cyber attacks. This session will highlight the deceptive technologies currently offered by Microsoft, focusing on Microsoft Defender for Endpoint (MDE) and Microsoft Defender for Identity (MDI).
Participants will gain a comprehensive understanding of how to configure these deceptive technologies effectively. The session will also feature a demo to showcase the practical application of these tools in real-world scenarios.
----------
9:30 Break and Networking Time
----------
9:45 Microsoft Security Exposure Management - Tamás Szivós-Aradi
----------
10:45 Break and Networking Time
----------
11:00 Microsoft Sentinel lifecycle management at scale - Fabian Bader - Cyber Security Architect and Microsoft MVP
In this session, we will explore how to manage Microsoft Sentinel, a cloud-native, security information event management (SIEM) solution, securely at scale using GitHub and PowerShell.
I will share our journey of building our own solution, CSOC Foundation, discussing the challenges we faced, the solutions we implemented, the successes we achieved and what to avoid.
The session will not only cover the native integration provided by Microsoft but will offer real-world insights into how we at glueckkanja manage Analytics Rules, watchlists, functions, and other assets in large numbers for our customers Sentinel environments.
I will walk you through the strategies we employ to manage these components effectively and securely. We will discuss how we leverage the power of GitHub for version control and collaboration, and how we use PowerShell for task automation and configuration management.
By the end of this session, you will have gained valuable insights into managing Microsoft Sentinel at scale, and you will be equipped with the knowledge and skills to improve the security and efficiency of your own Sentinel environments.
----------
12:00 End Security Ninja's
Free to grab some lunch in the airport area and then join in the afternoon in the Workplace Ninja Meetup.
----------

If you want to contribute a session and show something you did, then you can submit sessions on Sessionize.

In the afternoon is the Workplace Ninja Switzerland community taking place. Therefore, if you want to attend, please sign-up there as well.

Location
We will physically meet at room Tessin (7. floor) in the RADISSON BLU HOTEL, ZURICH AIRPORT.

Signup

• Select the Join Button on this page

Side notes

• The community event is free of charge
• Special thanks to our host Microsoft for having us on site

About Security Ninja User Group
We want to build a security community in Switzerland focused on Microsoft Security products.

Join us on Thursday the 4th of December 2024 for the next Security Ninja Event hosted at room Tessin (7. floor) in the RADISSON BLU HOTEL, ZURICH AIRPORT.

We are looking forward to meeting you.

Be part of this community in Switzerland!