Microsoft Cloud Security Incident Readiness Lab

Speaker:
Waseem Awwad – Microsoft MVP, Security and Azure

Event Type:
Online technical community lab

Event Description:
Join this online technical community lab focused on incident readiness in Microsoft cloud and hybrid environments.

This session will help attendees understand how to prepare for common cloud security incidents before they happen, with a practical focus on Microsoft security capabilities, cloud visibility, identity-related risks, endpoint signals, alert triage, evidence collection, escalation paths, and remediation coordination.

The lab will walk through the key areas security and IT teams should consider when operating Azure and hybrid environments. It will explain how gaps in monitoring, ownership, identity controls, endpoint visibility, or response processes can delay investigation and increase risk during a real incident.

The session is designed to be practical and scenario-driven, helping participants think through how Microsoft cloud security tools and operational processes can support faster investigation, clearer decision-making, and more effective response.

Key Topics:
Cloud security incident readiness
Alert triage and investigation flow
Identity-related security risks
Endpoint signals and device exposure
Cloud exposure and monitoring gaps
Evidence collection and escalation paths
Remediation coordination and ownership
Incident readiness across Azure and hybrid environments

Technology Areas:
Cloud Security
Azure Hybrid & Migration

Target Audience:
Security Professionals
IT Professionals
Cloud Operations Teams
Cloud Architects
Technical Decision-Makers

Short Summary:
An online technical lab focused on Microsoft cloud and hybrid incident readiness, covering alert triage, identity risks, endpoint signals, monitoring gaps, evidence collection, escalation, and remediation coordination.