November 6-7, 2017 NEW YORK
≡
Mobile workforce, cloud applications, and enterprise digitization challenge identity professionals. If you are faced with securing and operating identity platforms, Hybrid Identity Protection Conference is the event for you.
Register Now |
Hybrid Identity Protection Conference offers identity professionals an opportunity to discover new possibilities and technologies around directory services in the on-premises, cloud, and hybrid enterprise. |
 |
Learn from and interact with the world's leading experts and see what cutting edge industry professionals are doing to revolutionize identity management and protection in the modern organization. |
 |
Acquire critical technical knowledge, discover best practices, and interact with your peers facing the same complex IAM needs in organizations with increasingly evolving and demanding requirements. |
Sean Deuby is an identity architect for Edgile, Inc., where he focuses on enterprise cloud identity and Active Directory solutions. Sean is a Microsoft MVP in the directory services and enterprise mobility expertise areas for 14 years.
Darren Mar-Elia is Head of Product at Semperis. Darren has 30 years of experience in enterprise IT and software and has been a Cloud and Datacenter MVP for the past 14 years.
Brian Desmond is a Principal Consultant with Ravenswood Technology Group. He is also the author of O’Reilly’s Active Directory book and a Microsoft MVP for Identity and Access Management.
Sean Metcalf is CTO at Trimarc Security, LLC and one of ~100 people globally who holds the Microsoft Certified Master Directory Services (MCM) certification. Sean presented on Active Directory attack and defense at Black Hat, Bsides, DEF CON, DerbyCon, Shakacon and Sp4rkCon security conferences.
Allen Brokken is a 20+ year Security and Identity veteran and is the Chief Architect, CyberSecurity at Ascent Solutions. He has consulted with some of the largest companies to help build successful Security Strategies both at Ascent Solutions and as an Enterprise Architect at Microsoft.
Joe Kaplan is an Identity Architect in Accenture’s internal IT organization where he focuses on solving real world problems for a large, complex business. Joe is a Microsoft MVP in Enterprise Mobility and is a co-author of the .NET Developer’s Guide to Directory Services Programming.
Sander Berkouwer is an identity architect from the Netherlands, focusing on Azure, Active Directory and Azure Active Directory. Sander is a Microsoft MVP and Veeam Vanguard.
John Savill is a Principal Solutions Architect, 11-time MVP, and MCSE for Azure Infrastructure and Windows Server 2016. He's also Azure certified, ITIL certified and a CISSP. John is the author of FAQ for Windows and a senior contributing editor to IT Pro, as well as the author of eight books including Mastering Azure Infrastructure Services (Wiley).
Roelf Zomerman is a Microsoft Cloud Solution Architect, specializing in the architecture of complex solutions in Azure and on-premises products such as Active Directory, Exchange, Windows Server products and other Microsoft solutions. Roelf is one of very few globally who was awarded with the Microsoft Certified Master Certification in Active Directory Services.
Tomasz is a technology expert on digital identity and governance, leading and advising for IT projects worldwide. With over 17 years of experience in identity area, and multiple MVP titles, Tomasz is leading Predica in its technical choices and directions as CTO.
Jorge has a very strong focus on and passion about Microsoft Identity & Access Management technologies, both on-premises and in the cloud. He blogs at “Jorge’s Quest For Knowledge!” and has been a Microsoft MVP for Identity and Access Management since 2006.
Michael is an Active Directory Security expert who works at Microsoft as a Premier Field Engineer. He is also the author of the DSInternals PowerShell module.
With over 15 years of experience in the Identity and Access Management (IAM) field, Guy leads the technical solution strategy and engineering for Semperis.
Mickey brings to Semperis a vast experience in the enterprise software field, stretching back from his management roles in the Israeli Defense Force Navy computing technical unit, over a decade ago.
| 08:30-09:45 am - Registration, breakfast, networking | ||
| 09:45-10:00 am - Opening remarks and welcome, Gil Kirkpatrick | ||
| 10:00-11:00 am - Attacking Active Directory: New Tools and Techniques for Using your AD Against You, Darren Mar-Elia | 10:00-11:00 am - Beyond the Border: Protecting Office 365 Data in a Modern World, Brian Desmond | |
 Darren Mar-Elia | In this talk, Darren will discuss and demo recent “red team” tools that let attackers mine your AD for information about how to attack you and move throughout your environment. He’ll also present some strategies and best practices for minimizing these types of information-mining attacks.. |
 Brian Desmond | Principal, Ravenswood Technology GroupIn today’s world, end users expect to be able to work in almost any location with the device of their choosing. With key corporate data in the cloud, enforcing traditional perimeters inside the firewall and on corporate owned devices is no longer possible. In this session, you’ll learn how to extend the native security and information protection capabilities of Office 365 with Microsoft’s Enterprise Mobility Suite (EMS). We’ll discuss multi-factor authentication and conditional access with Azure Active Directory Premium (AAD-P), securing corporate data on mobile devices and personal computers with Intune, and data classification and protection with Azure Information Protection (AIP).. |
|
| 11:00-11:30 am - Coffee break | ||
| 11:30 am-12:45 pm - Case Study: Integrating Two Companies while Transitioning to the Cloud, Jorge de Almeida Pinto | 11:30 am-12:45 pm - Master Modern Authentication Troubleshooting, Joe Kaplan | |
 Jorge de Almeida Pinto | Identity Engineer/Architect/MVP, RabobankFrom an organizational perspective the integration of Rabobank International and Rabobank Nederland has ended. From a technical perspective the integration is ongoing. In this session we’ll discuss how some on-premises infrastructure components have been integrated/consolidated and how we set up the identity bridge for Rabobank between the on-premises AD and Azure AD. We’ll cover (at least) the following: AD, Exchange, Skype for Business, ADFS, Azure AD, Azure AD Connect, Azure AD Connect Health, Azure AD MFA Server, Azure AD Conditional Access, Azure AD Password Management, and Mobility. |
 Joe KaplanModern authentication is essentially a set of approaches for implementing authentication using HTTP-based protocols and web user interfaces. It is part of the journey to Hybrid Identity but it can be frustrating to understand and especially troubleshoot when it is not behaving as expected. Fortunately, there are readily available tools and techniques for debugging HTTP-based protocols and we can use these to see what is going on under the hood. In this session, we’ll introduce some key concepts in HTTP itself, apply that to modern authentication on the Microsoft Azure AD platform and demonstrate practical techniques for understanding common problems with tools like Fiddler and HTTPWatch. |
|
| 12:45-01:30 pm - Lunch, networking | ||
| 01:30-02:30 pm - A Day in The Life of Active Directory Passwords, Michael Grafnetter and Guy Teverovsky | 01:30-02:30 pm - It's All About the Data: Protecting Corporate Data In The Wild, Sean Deuby | |
 Michael Grafnetter | PFE Identity & Security, Microsoft Guy Teverovsky | CTO, SemperisWhere does Active Directory store passwords? Are they encrypted and/or hashed? Can they be extracted? How does a password change work? Can it be reverted? There are many misconceptions regarding these topics, even among experienced Active Directory administrators. Join experts Guy and Michael during this deep-dive talk and find out how Active Directory handles your password. |
 Sean Deuby | Architect, Edgile Inc.According to Microsoft, 88% of organizations report that they cannot adequately protect data against cyber threats. At the same time, your users are clamoring to access this data from their mobile devices or external sharing applications both at work and away - without IT taking over their personal device. How do you reconcile these two seemingly opposing requirements? You must focus on protecting the data, not the device. In this session, Sean will show how important corporate data can be protected in BYOD scenarios and beyond with Intune mobile application management and Azure Information Protection. |
|
| 02:30-03:30 pm - Using advanced security in Azure AD with Privileged Identity Management and Identity Protection, John Savill | 02:30-03:30 pm - Virtualizing Domain Controllers in Hyper-V and Azure the right way! Sander Berkouwer | |
 John Savill | Principal Solutions Architect, Microsoft Technology CenterAs Azure AD becomes the core identity for the enterprise it’s critical that identity is well protected which includes solutions such as MFA but also better visibility into the account usage and removing standing privilege. In this session John will look at key aspects around maximizing security of identities and embracing just enough and just in time administration across your services and Azure.. |
 Sander Berkouwer | Identity Architect and Microsoft MVPActive Directory Domain Controllers hold the keys to your kingdom. So how do you virtualize these castles of identity, without compromising on the requirements of your organization? This session shares the best practices for hardening, backing up, restoring and managing virtualized Domain Controllers on both Hyper-V, Azure Stack and in Azure Infrastructure-as-a-Service VMs, from the field, The information is based on the latest version of Azure and Windows Server 2016, like Shielded VMs, but will also show how the functionality of Windows Server 2012 and Windows Server 2012 R2 already allow for risk mitigation and availability, too, so you don't have to upgrade everything immediately, if you can't. |
|
| 03:30-04:00 pm - Coffee break | ||
| 04:00-05:00 pm - To be announced | ||
| 05:00-05:30 pm - Closing remarks and networking, Mickey Bresman | ||
| 08:30-09:45 am - Registration, breakfast, networking | ||
| 09:45-10:00 am - Opening remarks and welcome, Darren Mar-Elia | ||
| 10:00-11:00 am - Detect and Respond to Active Directory Cyber-Breaches, Allen Brokken | 10:00-11:00 am - Azure AD Connect, Inside Out, Sander Berkouwer | |
 Allen Brokken | Chief Architect - CyberSecurity, Ascent SolutionsIndustry statistics say cyber-breaches are a lot more common than we want to admit. And unfortunately, in most companies it can still take months to discover a breach. You may have taken every measure you can to protect your organization from hackers, but it doesn’t guarantee that no one will gain access to your Active Directory – and therefore, to the entire company. In this hands-on presentation you will learn how you can detect breaches immediately as they happen. You will see how to stop attackers in their tracks and bring your environment back to its pre-breach state. |
Sander Berkouwer | Identity Architect and Microsoft MVP New hybrid cloud scenarios introduce new identity challenges. But how do you overcome these? How do you properly design and implement Hybrid Identity in real world scenarios? In this demo-packed session Sander Berkouwer (Enterprise Mobility MVP) turns Microsoft free Hybrid Identity “bridge” product, Azure AD Connect, inside out, showing all the good stuff, but also the gory details! |
|
| 11:00-11:30 am - Coffee break | ||
| 11:30 am-12:45 pm - Inside and Out: Make Your App Finally Work for You, Tomasz Onyszko | 11:30 am-12:45 pm - AAD Connect: When Default Is Not Enough, Roelf Zomerman | |
 Tomasz Onyszko | CTO, PredicaApplication access was always a problem. VPNs, Remote desktops - we've seen it all. With cloud and identity right now we can finally make it work. See how Azure AD Web Application Proxy makes on-prem apps work for you regardless of place and if you are on-prem, cloud or business guest user in organization. Topics covers: Azure AD WAP, B2B, Ping Access, on-prem and Kerberos applications |
 Roelf Zomerman | Cloud Solution Architect, MicrosoftDefault installations are easy, but what if your architecture requires to go beyond the defaults? What about multi-forest complex cases or requirements to sync non-standard attributes? I will cover all kinds of practical real life examples of implementations where "default is not enough." |
|
| 12:45-01:30 pm - Lunch, networking | ||
| 01:30-02:30 pm - To be announced | 01:30-02:30 pm - Identity as the Control Plane, Joe Kaplan | |
| To be announced |
Joe Kaplan What do we really mean when we say “identity is the new control plane?” Yes, networks are still important but as more and more services shift to Internet-facing deployment models (both SaaS and corporate), the role of identity in controlling access to these resources comes to the forefront. In Azure AD, the Conditional Access feature provides the policy engine to manage user-based access. This session will focus on the key features of Conditional Access including multi-factor authentication, device-based authentication, risk-based authentication and location awareness for both workstations and mobile devices. |
|
| 02:30-03:30 pm - Protecting Active Directory Infrastructure against Petya and Her Friends, Michael Grafnetter | 02:30-03:30 pm - The IT Pro as SaaS Wrangler: Gaining Control of Your Company's Grassroots SaaS Usage, Sean Deuby | |
|
Michael Grafnetter, PFE Identity & Security, Microsoft Many companies have struggled to restore their business-critical services like Active Directory or Exchange for weeks after the (Not)Petya malware outbreak. What could they have done better to prevent such catastrophes? And what can be done when all DCs, including their backups, get lost? |
Sean Deuby | Architect, Edgile Inc. 80% of employees admit to using unauthorized SaaS applications. Generally, they aren't being malicious; they're just trying to get their work done. But it's critical that you become aware of what SaaS apps your users are using, the relative risk each app creates, and control what happens to your data in those apps. In this session, Sean will show you how to use Microsoft Cloud App Security to quickly (and at no cost) gain insight into your all your organization's SaaS app usage - not just the ones you think you know about. |
|
| 03:30-04:00 pm - Coffee break | ||
| 04:00-05:00 pm - To be announced | ||
| 05:00-05:30 pm - Conference closing remarks, Mickey Bresman | ||
Hybrid Identity Protection Conference 2017 offers a unique opportunity to spend two days on site in New York with your peers, whose day-to-day job is to architect, manage, and protect identity management in the hybrid enterprise. You will also be able to meet face-to-face with the leading experts of your field, acquire in-depth technical knowledge, and be exposed to the latest innovation.
Meet key industry experts
Listen to relevant presentations
Expand your technical knowledge and explore possible strategies
Network with your peers from similar organizations
Semperis is an enterprise identity protection company that helps recover enterprises from cyber breaches and identity system failures, on-premises and on cloud. Semperis' leading technology enables organizations to ensure the secure operation of their directory services, allowing IT and Security teams to respond in cases of Active Directory disasters and cyber breaches. Founded in 2013 by experienced IAM professionals, Semperis serves customers in the financial, healthcare, government and other industries worldwide. Semperis' solutions are accredited by Microsoft and are included in the latest Gartner reports.