As organizations migrate to Microsoft Security solutions, they face growing complexity in threat detection, response, and compliance. This session explores how Lumen Defender complements Microsoft's native security stack to deliver outside-in intelligence from the world’s most interconnected internet backbone, enabling SOC teams to quickly detect and respond to alerts with confidence. Attendees will leave with actionable strategies to strengthen their security posture and accelerate ROI.

This lab offers a hands-on deep dive into Microsoft Defender for Cloud’s CSPM features, teaching participants how to assess and improve cloud security across hybrid environments. Attendees will identify misconfigurations, apply compliance frameworks, and automate remediation strategies to strengthen their security posture.

Please RSVP and arrive at least 5 minutes before the start time, at which point remaining spaces are open to standby attendees.

Whether you use Ubuntu, RHEL, SLES, or Rocky, deploying Linux on Azure is more than provisioning VMs. Learn to build secure, performant Linux environments using Azure-native tools and partner integrations. See how to streamline image creation, harden workloads, monitor performance, and stay compliant with Azure Monitor, Defender for Linux, PostgreSQL on Azure, and the secure Linux baseline. Whether architect or OSS advocate, this session helps you confidently “train your penguin” for the cloud.

Explore how Microsoft Sentinel’s platform architecture scales security operations and empowers teams with graph intelligence, data lake integration, and agentic workflows - to automate, investigate, and respond with speed and precision.

Explore advancements in Windows resiliency. Learn about joint efforts with security partners to develop security tools that operate outside the Windows kernel. Get to know new Windows recovery tools and features designed to restore devices efficiently after unforeseen PC incidents.

To stay ahead, organizations need a secure, identity-based foundation for your digital landscape. Learn what Microsoft Entra and Intune bring across the M365 stack to help you reach a Zero Trust security posture with more compliance and control in the era of AI. We’ll dive into top scenarios that bring to life what you need to maximize your Microsoft investment.

Microsoft 365 powers enterprise productivity, but cyberattacks are rising—often targeting misconfigurations fast. Meet Corey, a secure AI operations assistant for Microsoft 365, built on CoreView’s proven least privilege framework. Respond to threats instantly, enforce policies like MFA organization-wide, and keep every action secure and auditable—accelerating IT, reducing risk, and maximizing Microsoft 365 tenant resilience.

Join F5 to see how we empower organizations to deliver and secure AI models and agent architectures at scale. We’ll share our journey with Microsoft—from our integrations with Azure to our participation in the new Microsoft Security Store—and how F5 helps ensure the reliable delivery and robust protection of every app, API, and AI workload. Learn how advanced traffic management, policy enforcement, and integrated guardrails optimize and protect your AI apps.

Tour the Foundry Control Plane, the unified management hub that connects Entra Agent ID, guardrails, observability, and runtime security, and see how easy it is to register, monitor, and govern agents. Get hands-on tips for scaling with confidence using Microsoft Foundry.

Cloud security must evolve beyond static scans. In this session, learn how a runtime security fabric unifies CSPM, DSPM, and workload protection to deliver context-rich defense for modern applications. See how runtime insights, tied to AI and posture data, help cut noise, speed root cause analysis, and strengthen resilience across multi-cloud environments.

Agent readiness is more than a technology conversation—it’s a holistic approach that spans strategy, business process mapping, technology and data foundations, organizational culture, and security and governance. This session will unpack the five pillars of agent readiness and offer practical guidance to help your organization prepare for AI agents at scale. You’ll leave with a framework to assess and accelerate your readiness journey.

Transparent communication during outages is crucial. This session outlines our evolving approach to incident communication, emphasizing openness and trust with customers. We’ll review recent impactful outages, key principles guiding our strategy, and the evolving best practices we execute across our engineering teams for quality and security. Attendees will gain insights into our handling of real-world incidents and how their own teams can evolve to reduce the impact of outages.

Transform Microsoft 365 Copilot to talk, think, and work like your organization with Copilot Tuning—no coding or data scientists required. Explore supervised and reinforcement learning, new agent capabilities, built-in security, and more. See how leading enterprises unlock value with proven best practices for fine-tuning—starting with use case selection and extending through data prep, training, and administration.

Delivered in a silent stage breakout.

Managing endpoints in the cloud is a fundamental piece of the Zero Trust puzzle and of delivering the optimal AI experience for business. In this session, we’ll demystify what that means in practice. See how Microsoft Intune brings Zero Trust to life by connecting device and app management, compliance, and threat protection. We’ll show how cloud-native management establishes a stronger security foundation and enables safe, scalable adoption of AI. Strengthen endpoint protection across Windows, macOS, iOS, and Android—helping IT teams stay ahead of threats while empowering employees to work productively and securely from anywhere.

Protect what matters most to customers: the cloud, AI platforms, and business-critical applications. Discover how Microsoft Defender for Cloud provides a unified, intelligent solution for safeguarding workloads across multi-cloud and hybrid environments, enabling you to confidently deliver security at the speed of innovation. We'll show you how to position secure migration strategies to customers and use GTM resources and partner incentives to increase engagement.

AI agents like GitHub Copilot have transformed how developers build software. In this session, learn how to leverage GitHub’s governance and security capabilities to enable agents at scale. We’ll cover best practices for rolling out agents across your organization, aligning with developer workflows, and maintaining oversight while embracing this new era of software development.

We release new Windows features and enhancements year-round. Learn how to stay up-to-date on what’s coming next in security, productivity, and AI. Learn how to preview features on individual devices, virtual machines, or across your organization so you can deploy the latest features and updates faster and with confidence. We'll also explore how you can engage directly with the product teams with related programs like the Customer Connection Program.

AI is only as good as the data it runs on. With data spread across multiple platforms, it’s a challenge to ensure quality and security. As the first Iceberg-based OneLake integration partner, we’re enabling seamless, bidirectional data access between Snowflake and Microsoft Fabric. Join this session to see how the Onelake integration and Snowflake’s robust features for the Microsoft ecosystem unlock endless possibilities, from building better AI to developing powerful business applications.

To meet the growing demand for resilient and high-performance infrastructure for AI workloads, Azure introduces key advancements across its networking stack. The new StandardV2 NAT Gateway delivers zonal resiliency and IPv6 support, now enhanced with flow logs in private preview for deeper traffic visibility. ExpressRoute continues to evolve with metro expansion, general availability of resiliency and scalable gateways, and upcoming support for high-capacity connections up to 1Tbps. Complementing these capabilities, a customer story highlights how DNS traffic is secured and visualized using DNS security policies and threat intelligence on Azure Virtual Networks.

Connection Pods accommodate up to 15 people. Please RSVP and arrive at least 5 minutes before the start time, at which point remaining spaces are open to standby attendees.

Discover new out-of-box Microsoft Purview reports—covering label activities, DLP activities, and usage metrics—and learn how Purview reporting delivers a holistic view of your security posture for smarter, data-driven decisions.