Eric Woodruff
Throughout his 23-year career in the IT field, Eric has sought out and held a diverse range of roles, including technical manager in the public sector, Sr. Premier Field Engineer at Microsoft, and Security and Identity Architect in the Microsoft Partner Ecosystem. Currently he serves as a Product Technical Specialist at Semperis, focusing on ITDR and cloud identity resilience. Eric is a Microsoft MVP for security, recognized for his expertise in the Microsoft identity ecosystem. Outside of work, Eric supports the professional community, providing his insights and expertise at conferences, participating on the IDPro Body of Knowledge Committee, and blogging about Entra and related cloud security topics.
Session
Despite the hopes and dreams of moving to a cloud-centric identity, the reality is Active Directory (AD) is not retiring anytime soon for the organizations that use it. The complexities of how woven into the fabric of a business Active Directory is puts the brakes on even the most ambitious cloud-centric modernization programs. And while Active Directory tends to receive no love from the business, it certainly does from the threat actors – Mandiant has reported that 90% of all breaches they investigate involve Active Directory. Since things are not changing anytime soon, we might as well give AD a little bit of the security TLC.
In this session we will explore the most common blockers preventing organizations from parting ways with Active Directory. And since this staple directory service is sticking around, we will look at the most common threat patterns against Active Directory, and the critical security controls to help keep our users and business secure for as long as AD is here to stay.