Hard Lessons from Real-World Identity Disasters
Attacks on identity infrastructure have evolved from targeting individual accounts to compromising entire identity systems—often starting on-premises and propagating to cloud environments.
Alex Weinert, Chief Product Officer at Semperis and former VP of Identity Security at Microsoft, outlines a three-part framework for protecting the identity fabric: before attacks (posture work), during attacks (detection and response), and after attacks (secure recovery). Through the lens of five detailed case studies of real-world identity security incidents from Semperis’ response team, he illustrates critical lessons, including the importance of proper preparation and rehearsal, the need for immutable backups, the value of identity forensics, challenges with communications during incidents, and the importance of documenting response actions for regulatory compliance.