Sign up to save your podcasts
Or
Share The Hidden Risks of Non-Human Identities in Your Tenant
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
The Hidden Risks of Non-Human Identities in Your Tenant
In this episode of Entra.Chat, I dive into the critical world of app governance with experts Jay Gundotra and Sander Berkouwer, who unpack the hidden risks of non-human identities in Microsoft Entra.
From shocking real-world breaches like Midnight Blizzard to a hilarious tale of a theme parkโs water supply mishap, we explore why securing your cloud apps is more urgent than ever. Tune in to discover practical tips and tools to safeguard your organization without losing your giraffes!
Subscribe with your favorite podcast player or watch on YouTube ๐
About Jay Gundotra
Jay is the CEO and technical founder of E-Now. He has a long history as an Exchange and Active Directory engineer, which led him to found his company and focus on solving complex identity and application governance challenges for enterprises.
LinkedIn - https://www.linkedin.com/in/jay-gundotra-19079a/
About Sander Berkouwer
Sander Berkouwer is a 17-year Microsoft MVP veteran and an accomplished identity architect. With deep expertise from being "in the trenches," he partners with Jay to educate the community and build solutions for managing non-human identities and service principals.
LinkedIn - https://www.linkedin.com/in/sanderberkouwer/
๐ Related Links
* AppGov Community - https://community.appgovscore.com/
* How Ownerless Apps in Entra ID Increase Your Attack Surface
* Securing Workload Identities in Entra ID: A Practical Guide for IT and Security Teams
๐ Chapters
00:00 Intro 01:55 What is App Governance? 04:02 The Origin Story of Focusing on App Governance 08:35 Why App Security is Critical Today 14:15 The Dangers of Over-Privileged Apps 20:38 The Giraffe Story: When Cleanup Goes Wrong 24:42 What Should a Successful Organization Do? 30:22 The Full Application Lifecycle: Onboarding to Offboarding 35:38 Building the AppGov Community 45:04 The Importance of Education and Automation
Podcast Apps
๐๏ธ Entra.Chat - https://entra.chat
๐ง Apple Podcast โ https://entra.chat/apple
๐บ YouTube โ https://entra.chat/youtube
๐บ Spotify โ https://entra.chat/spotify
๐ง Overcast โ https://entra.chat/overcast
๐ง Pocketcast โ https://entra.chat/pocketcast
๐ง Others โ https://entra.chat/rss
Merill's socials
๐บ YouTube โ youtube.com/@merillx
๐ LinkedIn โ linkedin.com/in/merill
๐ค Twitter โ twitter.com/merill
๐บ TikTok โ tiktok.com/@merillf
๐ฆ Bluesky โ bsky.app/profile/merill.net
๐ Mastodon โ infosec.exchange/@merill
๐งต Threads โ threads.net/@merillf
๐ค GitHub โ github.com/merill
Get full access to Entra.News - Your weekly dose of Microsoft Entra at entra.news/subscribe
View all episodes
By Merill Fernando
5
44 ratings
In this episode of Entra.Chat, I dive into the critical world of app governance with experts Jay Gundotra and Sander Berkouwer, who unpack the hidden risks of non-human identities in Microsoft Entra.
From shocking real-world breaches like Midnight Blizzard to a hilarious tale of a theme parkโs water supply mishap, we explore why securing your cloud apps is more urgent than ever. Tune in to discover practical tips and tools to safeguard your organization without losing your giraffes!
Subscribe with your favorite podcast player or watch on YouTube ๐
About Jay Gundotra
Jay is the CEO and technical founder of E-Now. He has a long history as an Exchange and Active Directory engineer, which led him to found his company and focus on solving complex identity and application governance challenges for enterprises.
LinkedIn - https://www.linkedin.com/in/jay-gundotra-19079a/
About Sander Berkouwer
Sander Berkouwer is a 17-year Microsoft MVP veteran and an accomplished identity architect. With deep expertise from being "in the trenches," he partners with Jay to educate the community and build solutions for managing non-human identities and service principals.
LinkedIn - https://www.linkedin.com/in/sanderberkouwer/
๐ Related Links
* AppGov Community - https://community.appgovscore.com/
* How Ownerless Apps in Entra ID Increase Your Attack Surface
* Securing Workload Identities in Entra ID: A Practical Guide for IT and Security Teams
๐ Chapters
00:00 Intro 01:55 What is App Governance? 04:02 The Origin Story of Focusing on App Governance 08:35 Why App Security is Critical Today 14:15 The Dangers of Over-Privileged Apps 20:38 The Giraffe Story: When Cleanup Goes Wrong 24:42 What Should a Successful Organization Do? 30:22 The Full Application Lifecycle: Onboarding to Offboarding 35:38 Building the AppGov Community 45:04 The Importance of Education and Automation
Podcast Apps
๐๏ธ Entra.Chat - https://entra.chat
๐ง Apple Podcast โ https://entra.chat/apple
๐บ YouTube โ https://entra.chat/youtube
๐บ Spotify โ https://entra.chat/spotify
๐ง Overcast โ https://entra.chat/overcast
๐ง Pocketcast โ https://entra.chat/pocketcast
๐ง Others โ https://entra.chat/rss
Merill's socials
๐บ YouTube โ youtube.com/@merillx
๐ LinkedIn โ linkedin.com/in/merill
๐ค Twitter โ twitter.com/merill
๐บ TikTok โ tiktok.com/@merillf
๐ฆ Bluesky โ bsky.app/profile/merill.net
๐ Mastodon โ infosec.exchange/@merill
๐งต Threads โ threads.net/@merillf
๐ค GitHub โ github.com/merill
Get full access to Entra.News - Your weekly dose of Microsoft Entra at entra.news/subscribe
More shows like Entra.Chat
View all
Security Now (Audio)
2,003 Listeners
Windows Weekly (Audio)
879 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
369 Listeners
Risky Business
373 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
638 Listeners
CyberWire Daily
1,016 Listeners
Smashing Security
322 Listeners
Darknet Diaries
8,002 Listeners
Cybersecurity Today
175 Listeners
Hacking Humans
314 Listeners
CISO Series Podcast
188 Listeners
Defense in Depth
73 Listeners
Waveform: The MKBHD Podcast
43 Listeners
Practical 365 Podcast - Microsoft 365, Copilot & Cybersecurity News & Discussions
9 Listeners
Risky Bulletin
44 Listeners