Microsoft Identity CXP team members, Tarek Dawoud and Mark Morowczynski, discuss topics like Conditional Access, phish-resistant MFA, evolving threats in cybersecurity, and the importance of learning KQL. They delve into passwordless authentication, Azure access management, and the significance of continuous security improvements.
Focus on Zero Trust architecture and passwordless authentication trends.
Implement risk-based conditional access for enhanced security posture.
Emphasize good security hygiene, governance, and the importance of KQL skills.
Deep dives
Introduction to the podcast reunion and guest introductions
The podcast episode marks a reunion as the hosts celebrate recording in person for the first time since episode 43, back in March 2020. Guests Mark and Tarek introduce themselves, highlighting their roles in customer engineering and architect management at Microsoft's Identity Division.
Focus on Zero Trust and Passwordless Initiatives
Tarek shares insights about their focus on Zero Trust architecture and passwordless initiatives. He notes a positive shift in customer perspectives towards embracing Zero Trust as a modern security approach. Additionally, the adoption of passwordless methods has doubled, indicating a significant trend towards more secure authentication practices.
Enhancing Security Through Risk-Based Conditional Access
Mark discusses the importance of implementing risk-based conditional access and enhancing overall security posture. By leveraging risk events and conditional access policies, organizations can proactively identify and mitigate security threats. The emphasis is on adopting strong authentication measures to safeguard sensitive applications and data.
Improving Security Hygiene and Governance Practices
The podcast emphasizes the significance of maintaining good security hygiene and governance practices. It underscores the need for organizations to regularly audit and review app permissions, ensuring appropriate access levels. The discussion highlights the importance of training users, implementing detective controls, and leveraging tools like Azure Monitor and workbooks for comprehensive security insights.
Promoting Kusto Query Language (KQL) Skill Development
The episode introduces KQL as an essential skill for managing Azure environments efficiently. The upcoming release of 'The Definitive Guide to KQL' aims to enhance readers' understanding of querying and analyzing data sets. The book covers foundational KQL commands, advanced querying techniques, and practical applications for threat hunting and security operations.
"Back by popular demand" - even if they do say so themselves! In this episode we are excited to welcome back to the show Tarek Dawoud and Mark Morowczynski from Microsoft's Identity CXP team. We discuss the current state of Identity and dive into Conditional Access, phish-resistant MFA, the latest threats and why attacks only get better, they never get worse. Tarek and Mark share some great tool tips and we close the episode by talking about Mark's new KQL book and how KQL is fast becoming an essential skill.
Here are the links to content mentioned in the episode:
Microsoft Digital Defense Report (https://aka.ms/mddr)
Road to the cloud - Moving from AD to AAD. (https://aka.ms/AD2AAD)
Video explaining how passkeys are phishing resistant (https://aka.ms/PhishingResistantExplained)
Entra ID assessment for customers to examine their environments (https://aka.ms/ZTAssess)
Hiding in the clouds - app consent and permissions (https://www.youtube.com/watch?v=mxOHcqHxpi8)
AzureADToolkit - script to go look at the over permissioned apps (https://github.com/microsoft/AzureADToolkit)
Legacy Protocol Workbook (https://techcommunity.microsoft.com/t5/microsoft-sentinel-blog/azure-sentinel-insecure-protocols-workbook-implementation-guide/ba-p/1197564)
Identity workbooks (https://learn.microsoft.com/en-us/entra/identity/monitoring-health/howto-use-workbooks#access-microsoft-entra-workbooks)
Tarek Dawoud is an expert of 10+ years in Microsoft's Identity division serving on the core directory team and for the past 4 years on the Customer Success Team. He is now the lead of the architect team writing white papers and creating workshops and reference architectures to facilitate customers' Identity journey to the cloud.
Mark Morowczynski is a Program Manager in the Identity CXP team. He works with some of the largest and most complex customers on their deployment of Azure AD. You can find Mark on Twitter (https://twitter.com/markmorow).
Check out Mark's book "The Definitive Guide to KQL" - Coupon code 'KUSTO' (https://www.microsoftpressstore.com/store/definitive-guide-to-kql-using-kusto-query-language-9780138293383)