Explore common observations from a security assessor's perspective in this 47-minute conference talk from Louisville Metro Infosec 2019. Delve into cloud security, data breach statistics, and identity attacks. Learn about secure score types, Microsoft Secure Score, and multi-factor authentication. Discover the differences between legacy and modern authentication, and how to use sign-in logs to identify legacy auth. Examine Azure AD features, including conditional access and baseline policies. Review a comprehensive cloud security checklist and external security observations. Analyze account security, password policies, and guidelines for administrators. Investigate Azure AD Premium Password Protection and other password filter software. Understand the importance of password length, managers, and protecting against credential theft. Explore tiered privilege access, separate administrative accounts, and Privileged Access Workstations (PAWs). Examine endpoint security observations, including LLMNR/NBT-NS poisoning and relay, and Emotet/Trickbot threats. Conclude with common security control observations, commercial solutions, and free tools for enhancing your organization's security posture. Read more