Improving the security posture of MacOS and Linux with Azure AD

Presented at Blue Team Con 2022, Aug. 27, 2022, 1:30 p.m. (50 minutes)

The majority of organizations have Windows, MacOS and Linux in their environment. Typically many of the security controls that are applied to Windows are not applied to MacOS or Linux, due to the size of the footprint and the difficulty of implementation. This can lead to holes in an organization's overall security posture as well as a poor end user experience.

Recently, Azure AD has released some new functionality to help improve the overall environment security posture for MacOS and Linux, both servers and clients. We'll discuss how these pieces work deep down and some best practices on deploying them.

In this session you'll learn how to reduce authentication prompts, further lockdown your Conditional Access policies, and leverage modern credentials like Passwordless on these platforms.

Presenters:

• Michael Epping - Program Manager, Microsoft
  Michael Epping is a Senior Program Manager in the Azure AD Engineering team at Microsoft. He is part of the customer experience org and his role is to accelerate the adoption of cloud services across enterprise customers. Michael helps customers deploy Azure AD features and capabilities via long-term engagements, as well as works within the engineering organization as an advocate on behalf of those customers. Michael has more than 9 years of experience working with customers to deploy Microsoft products like Azure AD, Intune, and Office 365.
• Mark Morowczynski - Program Manager, Microsoft
  Mark Morowczynski (@markmorow) is a Principal Program Manager on the customer success team in the Microsoft Identity division. He spends most of his time working with customers on their deployments of Azure Active Directory. Previously he was Premier Field Engineer supporting Active Directory, Active Directory Federation Services and Windows Client performance. He was also one of the founders of the AskPFEPlat blog. He's spoken at various industry events such as Black Hat, Defcon Blue Team Village, Blue Team Con, GrayHat, several BSides, Microsoft Ignite, Microsoft Inspire, Microsoft MVP Summits, The Experts Conference (TEC), The Cloud Identity Summit, SANs Security Summits and TechMentor. He can be frequently found on Twitter as @markmorow arguing about baseball and making sometimes funny gifs.

Similar Presentations:

• Objective by the Sea version 5.0 (2022) / Process Injection: Breaking all macOS Security Layers with a Single Vulnerability
• Objective by the Sea version 5.0 (2022) / Improving macOS Security by Reducing Authentication Prompts
• DEF CON 30 (2022) / Process injection: breaking all macOS security layers with a single vulnerability