With more AI agents and automated workloads in use, non-human identities are now a key part of the attack surface. In this webcast, we explain how agent identities work in Microsoft Entra ID, what signals and risk detections they produce, and how SOC teams can respond without interrupting important business workflows. You'll come away with a clear understanding and practical tips to spot abuse, assess impact, and act quickly.
Who Should Attend?
- IAM engineers and architects
- Security engineers and cloud security engineers
- SOC analysts and incident responders
- Microsoft 365 and Entra administrators with security responsibility
- Cybersecurity consultants focused on Microsoft or hybrid identity environments
- IT administrators moving into security or identity-focused roles
Learning Objectives:
- Understand how agent (non-human) identities operate in Microsoft Entra ID
- Recognize the attack surface and abuse paths (credentials, tokens, overprivileged access)
- Identify key telemetry and detection signals across identity and activity logs
- Correlate signals to distinguish legitimate automation from abuse
- Assess impact and persistence of compromised agent identities
- Apply practical response actions without disrupting business workflows
