ETWorkshops

Entra Permissions Management

Welcome to Microsoft EPM Workshop.

Entra Permissions Management is a Cloud Infrastructure Entitlement Management (CIEM) solution. Cloud Infrastructure Entitlement Management (CIEM) capability plays an important role in Identity governance and cloud security capability, by providing visibility into identity permission risks and enabling evidence-based approach to least privilege. Microsoft Entra Permissions Management is a CIEM product that provides comprehensive visibility and control over permissions for any identity and any resource in Microsoft Azure, Amazon Web Services (AWS) and Google Cloud Platform (GCP). In this workshop, we will understand how it helps reduce your attack surface area and learn about Entra Permissions Management by focussing on three key areas:

  1. Discovery: Identification of permission posture and identification of gaps.
  2. Remediation: Investigation to identify and prioritise high-impact risks, and remediation of over-provisioned permissions.
  3. Monitoring: Setup measures to continuously monitor for posture-drift and anomalies, and automatically remediate the required gaps. We will focus on the technical side of identity risk management for the hands-on sessions, and operational aspects of leveraging a CIEM solution during our post-session discussions.

Workshop Structure

This workshop is made up of a series of challenges. Each challenge has a description which follows the storyline of a hypothetical organisation called Contoso Mortgage. Your team will tackle these challenges as a team. We will identify a leader for each challenge who will help the team achieve the listed Success Criteria before moving to next one.

For each challenge, your team will present the objective, approach, and outcome to the CISO and describe how each can be used to protect or manage the organization’s security and compliance requirements.

Completing a challenge

While going through this experience, kindly note to:

Learning Objectives

This workshop will help you learn:

References

Documentation


Introduction Background Challenge 1 Challenge 2 Challenge 3 Challenge 4 Challenge 5 Summmary
link link link link link link link link