Fighting Identity-Based Attacks in Entra ID for Defenders

Overview

Identity is the primary perimeter to secure — and also the most targeted in public cloud. In this session, we’ll walk through today’s most common identity-based attacks in Microsoft Entra, including token theft, consent phishing, credential stuffing, and Business Email Compromise (BEC). Using real-world scenarios, we’ll explore how to defend against these threats using Microsoft 365 Business Premium, E3, and E5 — with a candid look at what’s actually possible across different licensing tiers. We’ll also reflect on how cybercrime has evolved into a professionalized industry, with identity now serving as the primary entry point for attackers. With over 345 million password-based attacks occurring daily and BEC losses in the billions, it’s no longer a matter of if you’ll be targeted — but when. What you’ll learn: • Key attack techniques targeting identities in Microsoft Entra • How Microsoft 365 licensing impacts your defense strategy • Actionable protection tactics for different business tiers This session is ideal for IT admins, cloud architects, and security defenders looking to strengthen their identity protection strategy with real-life practicality.

Speaker

Tommi Hovi

Senior Cloud Security Consultant @ Zure

Tommi is an Microsoft Cloud Security generalist with cloud architect background. Core strengths are in identity security, modern authentication, device security, cloud governance, cloud security and detection engineering. He has done various IT-jobs before landing on a spot at public cloud which carried away instantly at the beginning of 2019. He's been part of large cloud migration projects to greenfield deployments to security assessments and cloud consultation. Tommi is an organizer in a Helsinki and Tampere-based Azure and Friends user group which arranges monthly in-person events and he authors a blog site tommihovi.com where he posts various cloud and identity security articles.