Jump to navigation Jump to content

Speaker

Fabian Bader

Fabian Bader

Cyber Security Architect and Microsoft MVP

Cyber Security Architect and Microsoft MVP

Hamburg, Germany

Fabian Bader is a Cyber Security Architect and Microsoft MVP from Germany. He focuses on security and cloud solutions and works mainly with Microsoft technologies.
From Azure cloud to on-premises Active Directory, he likes to automate stuff with PowerShell.

Besides being a speaker at community events, he blogs at "cloudbrothers.info" and hosts the "Hamburg PowerShell User Group" and is part of the organizing team of "PowerShell Saturday Hamburg".

❤️ PowerShell and Security 🛡️

Fabian Bader is a Cyber Security Architect and Microsoft MVP from Germany. He focuses on security and cloud solutions and works mainly with Microsoft technologies.
From Azure cloud to on-premises Active Directory, he likes to automate stuff with PowerShell.

Besides being a speaker at community events, he blogs at "cloudbrothers.info" and hosts the "Hamburg PowerShell User Group" and is part of the organizing team of "PowerShell Saturday Hamburg".

❤️ PowerShell and Security 🛡️

Links

Awards

Area of Expertise

  • Information & Communications Technology

Topics

  • Azure AD
  • PowerShell
  • Microsoft Azure
  • Azure Active Directory
  • Automation with PowerShell
  • Azure PaaS
  • Active Directory
  • Azure Hybrid Identity
  • Microsoft Defender
  • Infrastructure as Code
  • Cloud & Infrastructure
  • Cloud Native Infrastructure
  • Secure Infrastructure
  • Defender for Cloud
  • Security
  • Identity
  • Microsoft Identity
  • Microsoft Defender for Identity
  • Microsoft 365 Defender
  • Microsoft Defender for Cloud
  • Microsoft Defender for Cloud Apps
  • Microsoft Defender for Office
  • Microsoft Defender for Endpoint
  • Microsoft Defender for Office 365
  • Cloud Security
  • Azure Security
  • IT Security
  • Microsoft Sentinel
  • Azure Sentinel
  • Microsoft XDR

Sessions

Microsoft Defender for Identity ♥️ PowerShell en de

Microsoft Defender for Identity has had an official PowerShell module for a few weeks now. What is possible with it and why do you need it at all? We will answer all these questions in this session.

Microsoft Defender for Identity ♥️ PowerShell en de

Microsoft Defender for Identity hat seit wenigen Wochen ein offizielles PowerShell Module. Was ist damit möglich und wozu braucht man des überhaupt? All diese Fragen klären wir in dieser Session.

Entra ID Automation using Graph X-Ray en

With the deprecation of the Microsoft Azure Active Directory Graph API in sight (30.03.2024) only a few weeks away, for many there is still the question - How do I use the new Microsoft Graph SDK module, and how do I navigate all those Graph endpoints. In this session we will explore this in more depth ,and I will show different ways how to figure out which cmdlet or Graph endpoint is the correct one to use.

From (tier) zero to cloud hero: How to pwn Azure AD from on-prem en

Most organizations today leverage the cloud and Azure AD is a crucial service for many of them. This makes it a valuable target for threat actors as well.
The crown jewel to this environments is a global admin account, the cloud equivalent of domain admin.

In this talk I will demonstrate an attack path from on-premises to Global Admin that does not rely on password resets of existing users.

You will learn how to detect the different methods used and counter it at different stages and a simple way to see if your environment is vulnerable.

Sentinel Pester Framework en

Regardless if you manage one or multiple Sentinel workspaces, if you use CI/CD or a manual approach, configuration drift is something to watch out for.

Monitoring changes to core settings, data connectors, analytics rules and other artifacts should be great and easy.

And with the Sentinel Pester Framework you get the tooling that allows you to do so.

In this talk we discuss the basic configuration as well as the option to implement the solution in a CI/CD pipeline like GitHub actions.

Use external threat intelligence in Microsoft Defender for Endpoint en

Extend alarming and protection capabilities of Microsoft Defender for Endpoint using external data sources.
In this showcase Fabian Bader will demonstrate how easy you can tap into open source threat intelligence using the Feodo Tracker project and use it to protect your endpoints.

The Feodo Tracker project (https://feodotracker.abuse.ch/), which tracks active Emotet C2 servers around the globe, is used as an example.

Azure Attack Paths en

Azure offers a wide offering of services and all those services are interconnected. That makes it easy to loose sight of who can manage what. Different Identity types and permissions are the backbone for a secure cloud environment. Therefore it's important to understand how each service might be used to laterally move in your environment and how bad choices could affect your security posture.

Why using a FIDO2 security key is important? en

In this session you will learn why classic MFA based authentication is still at risk of being phished and how FIDO2 security keys can mitigate such attacks. We also look in how Azure AD conditional access provides additional layer of security you can implement.

Alert {{customization}} in Sentinel en

Custom alert details in Microsoft Sentinel can be a game changer. In this session I will demonstrate how to use this feature in your own Analytics Rules and how it can help your analysts by surfacing important information. This session is very demo heavy.

Events

Azure Saturday Hamburg 2024 Sessionize Event

January 2024 Hamburg, Germany

Fabian Bader

Cyber Security Architect and Microsoft MVP

Hamburg, Germany

Links

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top