For the best web experience, please use IE11+, Chrome, Firefox, or Safari
Schedule & events
Home / Cyber Resilience & Migration Skills 101 – Online Training / Schedule & events

Schedule & events

Add series to calendar

Apple Google Office 365 Outlook Outlook.com Yahoo

From Alerts to Action: Investigating Hybrid Identity Risk

Date: May 14th
Time: 11:00am ET
Location: Microsoft Teams Townhall

If you’re monitoring identity activity across Active Directory and Entra ID, visibility alone isn’t enough when alerts need context and risk needs clarity.

This session focuses on how Identity Defense uses audit data to surface suspicious activity, risky changes, and identity-based attack paths in hybrid identity environments. You’ll see how to navigate investigation views, interpret findings efficiently, and connect alerts to real threats impacting your privileged access tier.

From there, we shift to Tier Zero protection and explore how “Shields Up” actively protects critical objects.

We’ll explore:

  • How to use Identity Defense to investigate findings, detect anomalies, and pinpoint risky changes
  • Practical techniques for identifying privilege escalation vectors and potential attack paths
  • What Tier Zero represents in hybrid AD environments and why attackers target it
  • How the “Shields Up” capability protects Tier Zero assets
  • How to turn insights into consistent governance and hardening actions

This session is designed to help you move from detection to investigation and active protection in hybrid identity environments.

Speaker: Mathew Clarke, Solutions Consultant