Security Ninja User Group 2412

Agenda
----------
8:15 Welcome
----------
8:30 Open
If you want to contribute a session and show something you did, then you can submit sessions on Sessionize.
----------
9:30 Break and Networking Time
----------
9:45 Deception with Defender - From Endpoint to Identity - Sven Gasser
Join us for an insightful session on the concept of deception in cybersecurity. Sven Gasser will delve into the idea and concept behind deception, explaining how it serves as a powerful tool to disrupt and break the kill chain in cyber attacks. This session will highlight the deceptive technologies currently offered by Microsoft, focusing on Microsoft Defender for Endpoint (MDE) and Microsoft Defender for Identity (MDI).
Participants will gain a comprehensive understanding of how to configure these deceptive technologies effectively. The session will also feature a demo to showcase the practical application of these tools in real-world scenarios.
----------
10:45 Break and Networking Time
----------
11:00 Microsoft Sentinel lifecycle management at scale - Fabian Bader - Cyber Security Architect and Microsoft MVP
In this session, we will explore how to manage Microsoft Sentinel, a cloud-native, security information event management (SIEM) solution, securely at scale using GitHub and PowerShell.
I will share our journey of building our own solution, CSOC Foundation, discussing the challenges we faced, the solutions we implemented, the successes we achieved and what to avoid.
The session will not only cover the native integration provided by Microsoft but will offer real-world insights into how we at glueckkanja manage Analytics Rules, watchlists, functions, and other assets in large numbers for our customers Sentinel environments.
I will walk you through the strategies we employ to manage these components effectively and securely. We will discuss how we leverage the power of GitHub for version control and collaboration, and how we use PowerShell for task automation and configuration management.
By the end of this session, you will have gained valuable insights into managing Microsoft Sentinel at scale, and you will be equipped with the knowledge and skills to improve the security and efficiency of your own Sentinel environments.
----------
12:00 End Security Ninja's
Free to grab some lunch in the airport area and then join in the afternoon in the Workplace Ninja Meetup.
----------

If you want to contribute a session and show something you did, then you can submit sessions on Sessionize.

In the afternoon is the Workplace Ninja Switzerland community taking place. Therefore, if you want to attend, please sign-up there as well.

Location
We will physically meet at Microsoft at the Circle, Zurich Airport. Microsoft is located in Building No. 2, 10th floor.

Signup

• Select the Join Button on this page
• To enter the building, you need to have to correct name (First and Lastname) set in Meetup or if you have not your real name set, then fill out the following form so that we can register you.

Side notes

• The community event is free of charge
• We will meet up physically at Zurich Airport, The Circle 02, 8058 Zürich, Building No. 2, 10th floor
• Special thanks to our host Microsoft for having us on site

About Security Ninja User Group
We want to build a security community in Switzerland focused on Microsoft Security products.

Join us on Thursday the 4th of December 2024 for the next Security Ninja Event hosted at Microsoft Switzerland at the Circle, Zurich Airport.

We are looking forward to meeting you.

Be part of this community in Switzerland!