Presented by Eric Sachs and Maayan Bar-Niv at Microsoft Ignite, this session demonstrates how Microsoft Entra and Intune underpin a secure, AI-ready identity foundation, with actionable security strategies and real-world demos.

Building an Integrated, AI-Ready Security Foundation with Microsoft Entra and Intune

Speakers: Eric Sachs, Maayan Bar-Niv
Event: Microsoft Ignite 2025 (Session BRK242)
Level: Intermediate (200)

Agenda

  • Authentication mechanisms for AI-ready organizations
  • Security governance, compliance, and network defense
  • Conditional access policy automation and phased rollout
  • Detecting redundant and missing conditional access policies
  • Demos of practical security solutions, including Copilot’s defense features
  • EPM visibility dashboard overview for organizational insights
  • Conditional access applications for internal systems and GenAI tools
  • Enhanced network protections and new policy control features for managed devices

Key Topics & Scenarios

1. Identity-Based Security Foundation

  • Establish a robust digital security posture using Microsoft Entra (formerly Azure Active Directory)
  • Integrate Intune for device management and policy enforcement across Microsoft 365
  • Emphasize a Zero Trust approach for modern environments

2. Authentication & AI

  • Techniques to strengthen authentication, especially for AI applications and services
  • Strategies to adapt authentication frameworks as organizations increase AI adoption

3. Phased Rollout and Automated Conditional Access

  • Steps to gradually introduce and automate conditional access policies
  • Tools to detect unnecessary or missing access policies, reducing attack surface

4. Copilot Security Demo

  • Live demonstration showcasing Copilot blocking a malicious privilege escalation request
  • Illustrates AI’s role in real-time defense within the Microsoft ecosystem

5. Security Insights and Dashboards

  • Launch of EPM (Endpoint Privilege Management) visibility dashboard for centralizing organizational security data
  • Use dashboards to monitor policy compliance and detect anomalies

6. GenAI Network Protection

  • New network protection policies tailored for generative AI applications
  • Detect and respond to threats specific to both internal and GenAI-based workflows

7. Managed Devices and Edge Security

  • Enhanced Edge for Business policies across managed devices
  • Improving visibility and control for device compliance and data protection

Takeaway: By leveraging Microsoft Entra and Intune, organizations can build a resilient, AI-ready security foundation that supports compliance, Zero Trust, and cutting-edge defense mechanisms for both cloud and on-premises environments.