ETWorkshops

Entra Permissions Management

Welcome to Microsoft EPM Workshop.

Entra Permissions Management is a Cloud Infrastructure Entitlement Management (CIEM) solution. Cloud Infrastructure Entitlement Management (CIEM) capability plays an important role in Identity governance and cloud security capability, by providing visibility into identity permission risks and enabling evidence-based approach to least privilege. Microsoft Entra Permissions Management is a CIEM product that provides comprehensive visibility and control over permissions for any identity and any resource in Microsoft Azure, Amazon Web Services (AWS) and Google Cloud Platform (GCP). In this workshop, we will understand how it helps reduce your attack surface area and learn about Entra Permissions Management by focussing on three key areas:

1. Discovery: Identification of permission posture and identification of gaps.
2. Remediation: Investigation to identify and prioritise high-impact risks, and remediation of over-provisioned permissions.
3. Monitoring: Setup measures to continuously monitor for posture-drift and anomalies, and automatically remediate the required gaps. We will focus on the technical side of identity risk management for the hands-on sessions, and operational aspects of leveraging a CIEM solution during our post-session discussions.

Workshop Structure

This workshop is made up of a series of challenges. Each challenge has a description which follows the storyline of a hypothetical organisation called Contoso Mortgage. Your team will tackle these challenges as a team. We will identify a leader for each challenge who will help the team achieve the listed Success Criteria before moving to next one.

For each challenge, your team will present the objective, approach, and outcome to the CISO and describe how each can be used to protect or manage the organization’s security and compliance requirements.

Completing a challenge

• Go through the scenario described in the challenge and understand the success criteria.
• Explain the key requirements of the challenge to all the participants
• Go through the required security and compliance tools to take necessary steps for the challenge and collect required information.
• Summary and discuss your findings and how they can be used to mitigate risk or enhance Contoso’s identity posture. Your coach will discuss your findings before you move on to the next challenge

While going through this experience, kindly note to:

• Resist the initial temptation to rush to the keyboard! Take time to pause and think as a team about the challenge, what is expected, and how to optimize the team member skills to achieve success.
• Use a new Edge profile for demo environment, to avoid any confusion with any other credentials that you may use to access Azure or Microsoft 365.

Learning Objectives

This workshop will help you learn:

• Visibility –
• Remediation –
• Governance improvement –

References

Documentation

---

Navigation

Introduction	Background	Challenge 1	Challenge 2	Challenge 3	Challenge 4	Challenge 5	Summmary
link	link	link	link	link	link	link	link

This site is open source. Improve this page.