Protect identity and access in Azure
Protect identity and access in Azure
Welcome to RecertHero!
Submit bugs, feature requests, and feedbackBrowse · 27 certifications tracked
Search webinars, courses, videos, and vendor training — each mapped to the certifications you’re actually renewing.
19 results for “Identity & Access”
Protect identity and access in Azure
Learn to create and manage identity and access using Microsoft Entra ID. Explore the basics of creating users, groups, and how to control access with conditional access.
Access Control And Identity Management — self-paced course on Cybrary. Visit the course page for full details and prerequisites.
In this course, you’ll explore the world of authorization and authentication, and understand the concepts of two-step authentication and single sign-on policies. You’ll also become familiar with the features and capabilities of Azure Active Directory (Azure AD), particularly those relating to the benefits of using Azure AD to manage an enterprise’s security requirements including access management, identity governance, and management. This course will take you one step closer to the Microsoft Cybersecurity Analyst Professional Certificate, which requires no degree or prior experience.
Identity and access management has been a pillar in security for decades now; it has emerged, changed, and evolved many times over as the problems it solved grew larger and more complex. Identity governance, identity providers, and authorization platforms are all required to deliver a secure identity practice. Authorization, like every piece of identity, enables the modern business, reduces risk, tightens security, and protects access to your digital assets. Join PlainID and ISC2 to hear a discussion where speakers dive into the project and business drivers they see that require centralized authorization. his talk will help you: · Distinguish how IGA (Identity Governance and Administration) and IAM (Identity Access Management) tools control access through RBAC and ABAC approaches · Learn how Policy-based Access Control (PBAC) compares with previous methods · Understand the growing importance of authorization in today's threat and compliance landscape and how it protects digital assets.
Learn about the Microsoft Learn for Educators program and how to best deliver its content to your students. Prepare to deliver Microsoft’s security solutions, SC-900 Microsoft Security, Compliance, and Identity Fundamentals in academic program.
Learn how to work with subscriptions, users, and groups by configuring Microsoft Entra ID for workloads.
Implement end-to-end security for Azure SQL Database and SQL Managed Instance. Configure Entra ID authentication with managed identity access, deploy private endpoints, and apply encryption and access controls to protect sensitive financial data. Establish compliant audit trails and enable Microsoft Defender for Databases to detect SQL injection, anomalous access, and vulnerability exposures.
Learn how to secure identities used by AI workloads in Azure. Build skills in workload identity architecture, access management, Conditional Access, and identity risk response by using Microsoft Entra.
***This course was developed by members of AWS Technical Field Communities (TFC), an AWS community of technical experts. The content is intended to complement our standard training curriculum and augment your AWS learning journey. We are aware some courses have accessibility limitations and are working to address. If you require accommodation, please contact [AWS Training and Certification Customer Support](https://support.aws.amazon.com/#/contacts/aws-training).*** In this course you will learn how to choose an AWS identity or access management service, what each service does, and which services are applicable to your current needs.
The ongoing transition to cloud platforms has meant that more sensitive data is stored in the cloud, making it more tempting for adversaries to exploit. When it comes to securing the cloud, identity is the first line of defense. Proper identity and access management (IAM) policies are the foundation of comprehensive cloud security principles. To understand how IAM policies affect organizations' cloud security posture, Unit 42 researchers analyzed 680,000+ identities across 18,000 cloud accounts from 200 different organizations. The results of our research were shocking - nearly all organizations we analyzed lack the proper IAM management policy controls to remain secure. Misconfigured IAM policies open the door for cloud threat actors. We define a cloud threat actor as "an individual or group posing a threat to organizations through directed and sustained access to cloud platform resources, services or embedded metadata." Cloud threat actors merit a separate definition as they employ a fundamentally different set of tactics, techniques and procedures (TTPs) that are unique to the cloud – such as taking advantage of the ability to perform both lateral movement and privilege escalation operations simultaneously. Join Palo Alto and (ISC)² June 2, 2022 at 1:00 p.m. Eastern/10:00 a.m. Pacific for this webinar where the audience will be guided through the latest research in overprivileged IAM identities in real-world cloud environments and how cloud threat actors are zeroing in on these excessive permissions to expand their control of cloud environments. Detection and mitigation of these risks are possible, join us to find out how!
A 3-hour learning path covering conditional access, Privileged Identity Management, workload identities, and migration patterns from legacy AD. Includes 5 labs and a knowledge check.
Explore the digital footprints of a malicious hacker and uncover their attack path, as we take you for a journey inside the mind of a threat analyst responding to a cybersecurity incident that brought a business to a complete halt. Discover the evidence left behind, uncover the attack path, and understand the techniques used by the attackers. This session will delve into a real-world incident response, showcasing the methods employed by attackers to compromise identities and credentials. Join ISC2 and Delinea as we guide you through the steps taken by cybercriminals during a damaging identity compromise attack, including: • Access Gaining and Patient Zero Identification: Learn how attackers initially infiltrated systems and identified the first compromised system. • Establishing Staging, Footholds and Persistence: Understand how attackers set up their presence within the network and maintained access over time. • Tools and Commands Used: Discover the specific tools and commands utilized by the attackers, including RDP Brute Force, Mimikatz and Responder. • Credential Harvesting and Misuse: See how attackers harvested credentials and used them to escalate privileges and move laterally within the network. • Active Directory (AD) Elevation: Learn how attackers achieved AD elevation to gain further access and control over the infrastructure. Gain a comprehensive understanding of the tactics, techniques and procedures (TTPs) used by cyber criminals to compromise identities and credentials. This knowledge will empower you to better defend your organization against such cyberattacks.
Changes in how we build, run and secure information systems have also changed how we look at authentication and access control. The emerging concept of identity is transforming the ways that humans and non-human actors alike make use of data and compute power. At the same time, organizations’ focus on identity also means that it has become a focus for attackers. To assess the ways that old and new attacks are targeting digital identities, F5 Labs is presenting findings from our 2023 Identity Threat Report: The Unpatchables. In a follow-up to the September session on credential stuffing, this talk will focus on phishing and multi-factor authentication bypass techniques. As phishing has grown over the last several years, its tools and tactics have transformed. We will identify which organizations are most targeted and explore recent developments that make it harder to spot and trickier to mitigate, using a combination of Dark Web intelligence and quantitative methods. This talk on October 19, 2023 at 1:00 p.m. Eastern/10:00 a.m. Pacific will cover recent developments in attacker approaches to circumvent multi-factor authentication, what these developments mean for defenders, and which forms of MFA are able to resist the new approaches.
Changes in how we design, build, run and secure information systems have also changed how we look at authentication and access control. The emerging concept of identity is transforming the ways that humans and non-human actors alike make use of data and compute power. At the same time, the emergence of identity as a focus for organizations also means that it has become a focus for attackers. To assess the ways that old and new attacks are targeting digital identities, F5 Labs is presenting findings from our 2023 Identity Threat Report: The Unpatchables. On September 19, 2023 at 1:00 p.m. Eastern/10:00 a.m. Pacific this session will focus on credential stuffing. This will be the first of two sessions. We will quantify its prevalence, explore targeting trends such as attackers’ choice of industries and endpoints, and outline credential stuffing tactics, techniques and procedures (TTPs). We will also take a deeper look into some case studies, with a particular focus on the differences between basic and sophisticated attacks. This talk will also assess the stolen credentials supply chain before focusing on mitigation strategies for combating credential stuffing.
Learn to design and implement strong authentication controls, apply Just-in-Time privileged access strategies, and extend identity-based security to AI-powered applications using Microsoft Entra.
A 10-minute video explaining why identity is the new perimeter, with three concrete control patterns: just-in-time access, conditional access, and continuous verification.
Remote and hybrid work are now permanent realities, but they have dramatically expanded the attack surface and introduced new security challenges. Join Steve Piper, CEO of CyberEdge and Editor-in-Chief of Security Buzz, as he explores how organizations can protect users, devices, and data—without slowing down the business or frustrating employees. This webinar will cover practical strategies for securing access, managing endpoints, and protecting sensitive information across distributed environments. Steve will discuss how modern identity controls, cloud security, and user-focused policies can reduce risk while supporting flexibility and performance. Attendees will leave with actionable guidance to balance strong security with a seamless employee experience.
ISC2 Security Congress 2025 is right around the corner, and we’re so excited about this year’s speaker line-up that we decided to bring a sample of this year’s content to you early! Join three of our esteemed conference speakers as they provide highlights into their session content – all focused around AI. By joining this session you’ll get a snapshot of session content, which includes the following presentations: Agentic AI: Navigating the Uncharted Waters of Non-Human Identity and Liability How AI Will Shape the Shift-Left approach in AppSec Threat Modeling AI: STRIDE Was a Good Start, But This Is Weirder Join us live to be among the first to gain valuable insights into these sessions, plus have an opportunity to as your questions. Like what you see? Register for ISC2 Security Congress 2025to unlock access to even more great content this October. You won’t want to miss this enlightening webinar that's the first in a series of three, 2025 Security Congress Sneak Peek webinars!