BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//orangecon-2024//speaker//FJ39RH
BEGIN:VTIMEZONE
TZID:CET
BEGIN:STANDARD
DTSTART:20001029T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:CET
TZOFFSETFROM:+0200
TZOFFSETTO:+0100
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:CEST
TZOFFSETFROM:+0100
TZOFFSETTO:+0200
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-orangecon-2024-PGAYXE@pretalx.com
DTSTART;TZID=CET:20240905T150000
DTEND;TZID=CET:20240905T152000
DESCRIPTION:In this presentation\, we will explore the potential of Microso
 ft Graph API logs\, focusing on its use for enhancing security\, insights\
 , and real-world attack scenarios within M365 environments. We begin by de
 tailing the process of obtaining logs. We'll talk about fields which are c
 ritical for monitoring and analysis\, correlatable fields and useful KQL f
 unctions that help. A comparison of delegated vs. application permissions 
 to help attendees understand their distinct attack use cases and best prac
 tices. \n\nThe discussion will move to common attack patterns using Graph 
 API\, offering strategies for threat hunting and detection. Real-world sto
 ries from the frontlines will illustrate how organizations have successful
 ly utilized Graph API to mitigate security incidents. Additionally\, we wi
 ll also highlight significant contributions from researchers and authors w
 ho've done great research in this field. The presentation will conclude wi
 th a summary of best practices and actionable insights for leveraging Micr
 osoft Graph API logs to its fullest potential. This session aims to equip 
 security professionals with the knowledge to effectively use Microsoft Gra
 ph API logs.
DTSTAMP:20260608T015628Z
LOCATION:Second track
SUMMARY:Graph API Mastery - Logs to Real World Attacks - Shiva P\, Parthiba
 n R
URL:https://pretalx.com/orangecon-2024/talk/PGAYXE/
END:VEVENT
END:VCALENDAR