2019 was already an incredible year. I was allowed to be on stages this year that I would never have dreamed of. Fantastic!
Definitely an absolute highlight has been RSA 2019, where I was invited to speak with my buddy Josh Harriman about “The Lost Boys: How Linux and Mac Intersect in a Windows-Centric Security World”. An awesome experience to be on stage with an expert like Josh!
Now two more top conferences are casting their shadow – Microsoft Ignite and ExpertsLive Europe.
Three years in a row I have received the absolute honor to speak at Microsoft’s expert conference Ignite. This year I’m just super excited to share my experiences in building up a security operations center! You might know that I started my journey in security with Microsoft around 2,5 years ago when Microsoft officially announced their idea around Microsoft Defender Advanced Threat Protection (MDATP – formerly known as WDATP). Back then I could convince my management at sepago to give me the chance and build up a team of experts that is focused on consulting Microsoft security. Pretty soon we realized that unlike past projects customers do not mainly need the help with the roll-out or migration to MDATP they more lack knowledge and hands when it comes to incident management or more generally speaking troubleshooting. Our sepagoSOC approach received pretty good feedback and we are more than proud that we even made it into the MDATP portal below “Applications”. This was without doubt a big success for us to be listed with all the other great partners!
How to build and run a security operations center
In my first session: “How to build and run a security operations center” I will share a little more about our journey before we will then discuss concepts like:
- „Best of Breed“ or „Best of Suite“ ?
- Playbooks, run-books, process manuals – what really matters
- considerations about 1st to 3rd level operations management
- There’s a TOOL for everything – what do you need?
….besides many other key points that played a roll for us.
The session ( UNC1039 ) will happen: Tuesday 9:00 AM – 10:15 AM at The Hub: Unconference Room 2 – Sign up here
World café Windows 10: Ask, share, and discuss what’s important for you
The second session is a returner! Last year I already had the pleasure to hold this talk with my friends Maurice Daly and Nickolaj Andersen. This year my buddy in crime Oliver Kieselbach will join me for the session around: “World café Windows 10: Ask, share, and discuss what’s important for you!“. After a quick intro around what’s the latest and greatest -we will again address discussion points like:
- management and co-management
- challenges around Windows 10 deployment
- securing and hardening Windows 10
The session ( UNC1040 ) will happen: Wednesday 2:15 PM – 3:30 PM
The Hub: Unconference Room 2 – Sign up here
GeekSprech Podcasts and GeekSchau Webcasts
Besides my unconference engagements I’m just overwhelmed that Eric and myself got incredible FOUR slots to produce GeekSprech podcasts and GeekSchau webcasts at the conference. When we did this last year with Paula the podcast studio session was the absolute best experience of the whole conference for me. The team around this was suuuuuuuuper professional and it kind of felt like producing our own tv-show. Needless to say that Paula was a perfect guest and the overall conversation went very smooth. So stay tuned for more content. We are already well prepared and more than excited to welcome our outstanding guests 🙂
Looking forward to meet you there!