Modern Management Summit 2026

From a historical perspective in the scope of compromising Identitoes. we have a few waves of innovations the last 10 years. We moved from username / password to MFA. Last two years, with the adversary in the middle attacks, we need to move to more secure MFA, phishing resistant MFA. But what's next ? Think about stealing tokens from your device and reuse that on other systems.

The topic of Privileged Access Workstations (PAW) is hot again. But, many companies struggle to understand exactly what it means, how it will affect operations, and why to bother in the first place.

This session aims to remedy that, with a dive into theoretical practices regarding PAWs, and of course, live demoes of how they work with each other, and the intended administrative interfaces.

Buckle up, and get ready to gain insights into Administrative Tiering as a concept, the roles of PAWs, and how to implement them in your environment.

Security teams are often overwhelmed by large numbers of security recommendations in Defender, many labeled as high or critical. The real challenge is not finding risks, but deciding which ones truly matter first. This session shows how a tier-based risk analysis model can bring clarity and focus to security prioritization.

We introduce a practical approach that combines security impact and real-world consequences into a custom risk score, which is then translated into clear priority tiers (Tier 0–3). These tiers make it easier to understand urgency, align actions across teams, and focus remediation efforts where they have the highest effect.

In this session, you will learn:
* Why traditional severity ratings fail to support effective prioritization
* How to calculate risk based on impact and consequence, not just likelihood
* How Tier 0–3 prioritization simplifies decision-making and remediation planning
* How tiering helps align security priorities with business-critical assets

By the end of the session, you will understand how tier-based risk analysis reduces noise, improves consistency, and enables security teams to act faster and more confidently on the recommendations that matter most.

In this session we will show you everything you need to know when building custom detections in Microsoft 365 Defender. We will also walk you through several practical use cases everyone should have in their environment.