Securing your credentials…
in every cloud
@ShaldaChris
Chris Shalda
Microsoft Solutions Architect

TODAY, YOU ARE EXPERIENCING A REVOLUTION OF CYBER-THREATS

Wall Street Journal, JP Morgan, White House, Bushehr nuclear reactor, RSA, Microsoft, Google, Apple, Facebook, Sony, Target, Heartland, eBay, Heartland, ICANN, Home Depot
struggling

THE EVOLUTION OF ATTACKS
Volume and Impact
2003-2004: Script Kiddies. BLASTER, SLAMMER. Motive: Mischief
2005-PRESENT: Organized Crime. RANSOMWARE, CLICK-FRAUD, IDENTITY THEFT. Motive: Profit
2012 - Beyond: Nation States, Activists, Terror Groups. BRAZEN, COMPLEX, PERSISTENT. Motives: IP Theft, Damage, Disruption

THE ANATOMY OF AN ATTACK
Healthy Computer
User Receives Email
User Lured to Malicious Site
Device Infected with Malware
HelpDesk Logs into Device
Identity Stolen, Attacker Has Increased Privs

DEFENDING AGAINST MODERN SECURITY THREATS
SECURED DEVICES
SECURED IDENTITIES
INFORMATION PROTECTION
THREAT RESISTANCE

HARDWARE ROOTED TRUST
SECURED DEVICES
SECURED IDENTITIES
INFORMATION PROTECTION
THREAT RESISTANCE
Device integrity
Cryptographic processing
Biometric sensors
Virtualization
SECURED HARDWARE
SECURE ROOTS OF TRUST
Traditional Platform Stack
Apps
Windows Platform Services

Virtualization Based Security (VBS)
Diagram labels: Virtualization Based Security (VSM) Environment; Trustlet #1; Trustlet #2; Trustlet #3; Windows; Apps; Windows Platform Services
Windows Hello
Microsoft Passport
BitLocker
Enterprise Data Protection
Device Guard
Windows Defender
UEFI Secure Boot
TPM 2.0, Virtualization

THE END OF PASSWORDS, TWO-FACTOR FOR EVERYONE
HARDWARE ROOTED TRUST
SECURED DEVICES
SECURED IDENTITIES
INFORMATION PROTECTION
THREAT RESISTANCE
WINDOWS 10 IDENTITY GOALS
Mainstream two-factor authentication
Make credentials theft resistant and breach and phish proof
Deliver solution to both consumer and business users
Use credentials on familiar mobile devices for desktop sign-in
USER IDENTITY & AUTHENTICATION
SHARED SECRETS
shhh!
Easily mishandled or lost
(Hint: The user is the problem)

THE SITES WE USE ARE A WEAK LINK
Diagram labels: User; Internet username and password; Social.com; Bank.com; Network.com; LOL.com; Obscure.com; Bad Guy; numbered steps 1 and 2

THE USER AND DEVICE ARE THE WEAK LINKS
Diagram labels: User; Device; IDP (three); Network Resource; Bad Guy; numbered steps 1 to 5
PKI SOLUTIONS
Complex, costly, and under attack

THE CA IS UNDER ATTACK
Diagram labels: User; Windows 8.1; IDP; Active Directory; Network Resource; Bad Guy; numbered steps 1 to 6
LIMITED USE OF MFA CREATES WEAK LINKS
User
UN/Password
High-value assets
Most network resources
ENTERPRISE DEMANDS
Simplify implementation
Reduce costs
MULTIFACTOR WITH EXISTING DEVICES
SIMPLIFYING DEPLOYMENT
MICROSOFT PASSPORT DEVICE-BASED MULTI-FACTOR
UTILIZE FAMILIAR DEVICES
SECURED BY HARDWARE
USER CREDENTIAL
An asymmetrical key pair
Provisioned via PKI or created locally via Windows 10

A NEW APPROACH
Diagram labels: User; Windows 10; IDP (Active Directory, Azure AD, Microsoft Account); Intranet Resource (two); numbered steps 1 to 4

ACCESSING CREDENTIALS
PIN: Simplest implementation option; No hardware dependencies; User familiarity
Windows Hello: Higher security; Ease of use; Impossible to forget; Fingerprint, Facial, Iris
Sample design, UI not final

Attacker needs to both know your PIN and have access to your device
TPM provides anti-hammering support to thwart offline attacks
Hardware-bound keys cannot be stolen or replayed
PIN is never stored in the device or sent to the server

IDENTITY FOR BUSINESS
A world beyond passwords with two-factor authentication
PIN or Biometric plus your device (PC or Phone)
Breach, theft, and phish proof identities
Single sign-on on-prem, on the web, across sites
Sign-in to devices using Azure Active Directory

USER IDENTITY & AUTHENTICATION
DERIVED CREDENTIALS & ACCESS TOKENS
“PASS THE HASH” ATTACKS
Today’s security challenge

TODAY’S SECURITY CHALLENGE: PASS THE HASH ATTACKS
Pass the hash attacks have gone from hypothetical to very real threats
Enables an attacker to steal derived user credentials using common hacking tools like Mimikatz
Once obtained, an attacker is often able to steal additional derived user credentials and move laterally across the network
Enables an attacker to frequently persist even once detected, as they can move from one identity to the next

TODAY’S SOLUTION: CREDENTIAL GUARD
Pass the Hash (PtH) attacks are the #1 go-to tool for hackers, used in nearly every major breach and APT type of attack
Protects LSA Service (LSASS) and derived credentials (Kerberos Ticket; NTLM Hash)
Credential Guard uses VBS to isolate Windows authentication from the Windows operating system
Fundamentally breaks derived credential theft using Mimikatz, etc.

Credential Guard in VBS Environment = Decisive Mitigation
Diagram labels: Virtualization Based Security (VBS) Environment; Cred Guard; Trustlet #2; Trustlet #3; Windows; Apps; Windows Platform Services
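
To confirm on a given machine that Credential Guard is actually running inside VBS, and not merely configured, the check below reads the documented `Win32_DeviceGuard` CIM class and the `LsaCfgFlags` registry value. It is an added example, not part of the original deck; the function name `Get-CredentialGuardStatus` is hypothetical.

```powershell
# Added example, not from the slides. Get-CredentialGuardStatus is a hypothetical name.
function Get-CredentialGuardStatus {
    [CmdletBinding()]
    param()

    # Win32_DeviceGuard is the documented CIM class for VBS / Device Guard state.
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                          -ClassName 'Win32_DeviceGuard' -ErrorAction Stop

    # VirtualizationBasedSecurityStatus: 0 = off, 1 = enabled but not running, 2 = running.
    $vbsText = @{ 0 = 'Not enabled'; 1 = 'Enabled, not running'; 2 = 'Running' }
    $vbs     = [int]$dg.VirtualizationBasedSecurityStatus
    $vbsName = if ($vbsText.ContainsKey($vbs)) { $vbsText[$vbs] } else { "Unknown ($vbs)" }

    # In the SecurityServices* arrays, the value 1 identifies Credential Guard.
    $configured = @($dg.SecurityServicesConfigured) -contains 1
    $running    = @($dg.SecurityServicesRunning)    -contains 1

    # LsaCfgFlags: 0 = disabled, 1 = enabled with UEFI lock, 2 = enabled without lock.
    # Group Policy writes the Policies key; a manual setup writes the Lsa key.
    $lockText = @{ 0 = 'Disabled'; 1 = 'Enabled with UEFI lock'; 2 = 'Enabled without lock' }
    $lsaFlag  = $null
    $regPaths = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows\DeviceGuard',
                'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
    foreach ($path in $regPaths) {
        $item = Get-ItemProperty -Path $path -Name 'LsaCfgFlags' -ErrorAction SilentlyContinue
        if ($null -ne $item) { $lsaFlag = [int]$item.LsaCfgFlags; break }
    }
    $lsaName = if ($null -eq $lsaFlag) { 'Not set' }
               elseif ($lockText.ContainsKey($lsaFlag)) { $lockText[$lsaFlag] }
               else { "Unknown ($lsaFlag)" }

    # "Configured" without "running" is the state to chase: derived credentials
    # (NTLM hash, Kerberos tickets) are still held by the normal LSASS process.
    $verdict = if ($running) {
        'Credential Guard running: derived credentials are isolated from the OS'
    } elseif ($configured -or ($lsaFlag -in 1, 2)) {
        'Configured but NOT running: check reboot state and VBS prerequisites'
    } else {
        'Not configured: derived credentials are held by LSASS in the normal OS'
    }

    [pscustomobject]@{
        ComputerName           = $env:COMPUTERNAME
        VbsStatus              = $vbsName
        CredentialGuardRunning = $running
        CredentialGuardConfig  = $configured
        LsaCfgFlags            = $lsaName
        Verdict                = $verdict
    }
}

Get-CredentialGuardStatus | Format-List
```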

COMPLEMENTARY SOLUTION: LOCAL ADMINISTRATOR PASSWORD SOLUTION (LAPS)
Periodically randomizes local administrator passwords; ensures the password update to AD succeeds before modifying local secrets/passwords
Provides centralized storage of secrets/passwords in Active Directory (AD), without additional computers
Each organization’s domain administrators determine which users are authorized to read the passwords
Credential Guard does NOT supersede LAPS: Credential Guard protects domain accounts, NOT local accounts
Poll
Cloud Services

Identity and access management: Easily manage identities across on-premises and cloud. Single sign-on and self-service for corporate resources.
Device and app management: Leverage PC management, MDM, and MAM to protect corporate apps and data on almost any device.
Information protection: Encryption, identity, and authorization to secure corporate files and email across phones, tablets, and PCs.
Behavior-based threat analytics: Identify suspicious activities and advanced threats in near real time with simple, actionable reporting.
Products: Microsoft Azure Active Directory Premium; Microsoft Intune; System Center Configuration Manager; Microsoft Azure Rights Management Premium; Advanced Threat Analytics

Identity as the core of enterprise mobility
Microsoft Azure Active Directory
Single sign-on
Self-service
Simple connection
On-premises
Other directories
Windows Server Active Directory
SaaS
Azure
Public cloud
Cloud

1 trillion Azure AD authentications since the release of the service
>35k third-party applications used with Azure AD each month
>1.3 billion authentications every day on Azure AD
More than 550 M user accounts on Azure AD
>7 M Azure AD Directories
86% of Fortune 500 companies use Microsoft Cloud (Azure, O365, CRM Online, and PowerBI)
Every Office 365 and Microsoft Azure customer uses Azure Active Directory
Microsoft’s “Identity Management as a Service (IDaaS)” for organizations.
Millions of independent identity systems controlled by enterprise and government “tenants.”
Information is owned and used by the controlling organization, not by Microsoft.
Born-as-a-cloud directory for Office 365. Extended to manage across many clouds.
Evolved to manage an organization’s relationships with its customers/citizens and partners (B2C and B2B).
1000s of apps, 1 identity
Making the lives of users (and IT) easier
Managing identities
Collaborating with partners
Enabling anytime/anywhere productivity
Identity-driven security
Connecting with consumers
Your domain controller as a service

Azure Active Directory Connect and Connect Health
Connect and sync on-premises directories with Azure
Diagram labels: Microsoft Azure Active Directory; MIM; HR apps; OTHER DIRECTORIES; PowerShell; SQL (ODBC); LDAP v3; Web Services (SOAP, JAVA, REST)

Connect and sync on-premises directories with Azure
Easily publish on-premises web apps via Application Proxy + Custom apps through a rich standards-based platform
2500+ popular SaaS apps
Diagram labels: Microsoft Azure; SaaS apps; Web apps (Azure Active Directory Application Proxy); Integrated custom apps; HR and Other Directories; Cloud HR

Conditions: Location (IP range); Device state; User group; User
Actions: Allow access or Block access; Enforce MFA per user/per app
NOTIFICATIONS, ANALYSIS, REMEDIATION, RISK-BASED POLICIES
CLOUD APP DISCOVERY
PRIVILEGED IDENTITY MANAGEMENT
MFA
IDENTITY PROTECTION
Risk

Azure Active Directory Identity Protection
Consolidated view to examine suspicious user activities and configuration vulnerabilities
Remediation recommendations
Risk severity calculation
Risk-based policies for protection for future threats
Brute force attacks
Leaked credentials
Infected devices
Suspicious sign-in activities
Configuration vulnerabilities
Risk-Based policies

MONITOR AND PROTECT
Discover, restrict, and monitor privileged identities and their access to resources
Enforce on-demand, just-in-time administrative access when needed
Security Wizard
Alerts
Security reviews

MONITOR AND PROTECT
Detect threats fast with behavioral analytics: No need to create rules or policies, deploy agents, or monitor a flood of security reports. The intelligence needed is ready to analyze and is continuously learning.
Adapt as fast as your enemies: ATA continuously learns from the organizational entity behavior (users, devices, and resources) and adjusts itself to reflect the changes in your rapidly evolving enterprise.
Focus on what is important fast using the simple attack timeline: The attack timeline is a clear, efficient, and convenient feed that surfaces the right things on a timeline, giving you the power of perspective on the “who, what, when, and how” of your enterprise. It also provides recommendations for next steps.
Reduce the fatigue of false positives: Alerts only happen once suspicious activities are contextually aggregated; not only comparing the entity’s behavior to its own behavior, but also to the profiles of other entities in its interaction path.

IDENTITY-DRIVEN SECURITY
Advanced Threat Analytics (ATA)
Devices and servers
SIEM
Active Directory
Behavioral analytics
Forensics for known attacks and issues
Profile normal entity behavior (normal versus abnormal)
Search for known security attacks and issues
Detect suspicious user activities, known attacks, and issues
Advanced Threat Analytics

IDENTITY-DRIVEN SECURITY
Enterprise Mobility + Security
Protect your users, devices, and apps
Protect your data, everywhere
Detect problems early with visibility and threat analytics
Extend enterprise-grade security to your cloud and SaaS apps
Protect application access from identity attacks
Products: MICROSOFT INTUNE; AZURE RIGHTS MANAGEMENT & SECURE ISLANDS; Advanced Threat Analytics; MICROSOFT CLOUD APP SECURITY; AZURE ACTIVE DIRECTORY IDENTITY PROTECTION

http://Aka.ms/LAPS
http://Aka.ms/CyberPAW

http://aka.ms/HardenAD
http://aka.ms/ata
http://aka.ms/JEA
http://aka.ms/CyberPAW
http://aka.ms/PAM
http://aka.ms/AzurePIM
9872521

http://aka.ms/privsec
http://aka.ms/Passport
http://aka.ms/ESAE
http://aka.ms/shieldedvms

SECURED DEVICES
SECURED IDENTITIES
INFORMATION PROTECTION
THREAT RESISTANCE
ACTIVE THREAT PROTECTION

HARDWARE ROOTED TRUST
TWO-FACTOR FOR EVERYONE
DATA LOSS PREVENTION
ACTIVE THREAT PROTECTION
SECURED DEVICES
SECURED IDENTITIES
INFORMATION PROTECTION
THREAT RESISTANCE