SIGS User Group
Stronger Together in
Microsoft Security
(registration will be closed October 17th, 2024)
Let's start with Sentinel & Defender!
Join us on July 8th, 2025 and earn 2.5 CPEs
(registration will be closed July 7th, 2025!)
User Group for Microsoft Security and let's start with Sentinel & Defender
Microsoft Sentinel and Defender are powerful tools for securing today’s IT environments – but many organizations struggle to make the most of them. Complex setups, unclear workflows, and a lack of shared best practices often stand in the way of real value.
That’s where our user group comes in!
Connect with peers who, like you, work hands-on with Microsoft Security every day. Share real-world experiences, exchange tips and tricks, and learn practical solutions from others who’ve faced the same challenges.
What you can expect:
Whether you're just getting started or already deep in the field – what counts is your curiosity and your willingness to grow and learn from others.
Join the community. Together, we’ll master Microsoft Security and looking forward to organize further meetings based on your input.
For further planned events please check https://www.sig-switzerland.ch/upcoming-events/
Looking forward to seeing you there,
Your SIGS Team
As always: sales peoples (incl. CEO's and Founders), vendors and all peoples who just like to sell their products or services are not allowed to take part at SIGS events.
Microsoft Sentinel and Defender are powerful tools for securing today’s IT environments – but many organizations struggle to make the most of them. Complex setups, unclear workflows, and a lack of shared best practices often stand in the way of real value.
That’s where our user group comes in!
Connect with peers who, like you, work hands-on with Microsoft Security every day. Share real-world experiences, exchange tips and tricks, and learn practical solutions from others who’ve faced the same challenges.
What you can expect:
- Hands-on exchange of real-world use cases
- Open discussions about challenges, solutions, and best practices
- Direct interaction with experts and fellow security professionals
Whether you're just getting started or already deep in the field – what counts is your curiosity and your willingness to grow and learn from others.
Join the community. Together, we’ll master Microsoft Security and looking forward to organize further meetings based on your input.
For further planned events please check https://www.sig-switzerland.ch/upcoming-events/
Looking forward to seeing you there,
Your SIGS Team
As always: sales peoples (incl. CEO's and Founders), vendors and all peoples who just like to sell their products or services are not allowed to take part at SIGS events.
Location & LOCATION SPONSOR
Eraneos Switzerland AG
Andreasstrasse 11
8050 Zürich
DATE & TIME
July 8th, 2025, 4:00 pm - open end incl. dinner
ARRIVAL & Parking
Trainstation Oerlikon is around 6 minutes away
Parking Messe Zurich is around 7 minutes away
Parking Messe Zurich is around 7 minutes away
Participation Fee
EUR 60.--
4:00 pm
Registration
4:30 PM
Welcome & introduction from SIGS and the moderators Umberto Annino & Leander Sabel
4:40 PM
Ursina Livers, Cyber Security Engineer at AMINA Bank AG
Leveraging Sentinel and Microsoft Security Suite to its fullest: Lessons Learned
In today's rapidly evolving threat landscape, maintaining a robust Security Operations Center (SOC) with limited human resources is a significant challenge. This presentation explores how AMINA Bank AG successfully implemented Microsoft Sentinel and Microsoft Security Suite to achieve an almost fully automated SOC, significantly enhancing our security posture while optimizing resource allocation.
We will delve into the different challenges we faced and how the Microsoft Security Suite helped us to overcome them. By leveraging the capabilities of Microsoft Security Suite, we streamlined our security operations, enabled near real-time threat intelligence consumption, and built reliable automated remediation workflows.
Join us to learn how automation and intelligent security solutions can transform your SOC operations, ensuring robust protection with efficient use of resources.
Leveraging Sentinel and Microsoft Security Suite to its fullest: Lessons Learned
In today's rapidly evolving threat landscape, maintaining a robust Security Operations Center (SOC) with limited human resources is a significant challenge. This presentation explores how AMINA Bank AG successfully implemented Microsoft Sentinel and Microsoft Security Suite to achieve an almost fully automated SOC, significantly enhancing our security posture while optimizing resource allocation.
We will delve into the different challenges we faced and how the Microsoft Security Suite helped us to overcome them. By leveraging the capabilities of Microsoft Security Suite, we streamlined our security operations, enabled near real-time threat intelligence consumption, and built reliable automated remediation workflows.
Join us to learn how automation and intelligent security solutions can transform your SOC operations, ensuring robust protection with efficient use of resources.
5:15 PM
Jonas Mücksch, Consultant & Paul Montague, Digital Infrastructure Consultant at Eraneos
A scalable approach to monitor application security logs with Microsoft Sentinel
Monitoring application (layer 7) security logs further hardens an enterprise’s security, as this layer encompasses e.g. critical business logic, deployments, and user actions, which are not monitored through classical monitoring on lower layers. However, a key challenge of application log monitoring is the lack of standardization in application logs, impeding effective detection and response. To address this, we developed a scalable and flexible security log monitoring solution that enhances visibility on the application layer.
Our approach collects and securely transfers diverse on-premise application logs to a cloud-native analytics environment centered around Azure Log Analytics Workspace and Microsoft Sentinel. Advanced monitoring, threat detection, and incident response are performed within Sentinel, empowering application teams to capture actionable insights from rich application context. The application onboarding is streamlined by means of standardized base use cases and log transformations. This approach supports rapid and consistent integration regardless of log format variability. Moreover, a robust CI/CD pipeline with infrastructure-as-code (Terraform) supports rapid adjustments.
This presentation details our end-to-end architecture, pragmatic choices, and encountered challenges, demonstrating how seamless application log monitoring advances threat detection and resilience for critical applications across a complex and diverse enterprise landscape.
A scalable approach to monitor application security logs with Microsoft Sentinel
Monitoring application (layer 7) security logs further hardens an enterprise’s security, as this layer encompasses e.g. critical business logic, deployments, and user actions, which are not monitored through classical monitoring on lower layers. However, a key challenge of application log monitoring is the lack of standardization in application logs, impeding effective detection and response. To address this, we developed a scalable and flexible security log monitoring solution that enhances visibility on the application layer.
Our approach collects and securely transfers diverse on-premise application logs to a cloud-native analytics environment centered around Azure Log Analytics Workspace and Microsoft Sentinel. Advanced monitoring, threat detection, and incident response are performed within Sentinel, empowering application teams to capture actionable insights from rich application context. The application onboarding is streamlined by means of standardized base use cases and log transformations. This approach supports rapid and consistent integration regardless of log format variability. Moreover, a robust CI/CD pipeline with infrastructure-as-code (Terraform) supports rapid adjustments.
This presentation details our end-to-end architecture, pragmatic choices, and encountered challenges, demonstrating how seamless application log monitoring advances threat detection and resilience for critical applications across a complex and diverse enterprise landscape.
5:35 PM - 5:50 pm
Short break
5:50 PM
Umberto Annino & Leander Sabel will moderate:
Your voice matters!
We want to hear your experiences – the successes, the roadblocks, and everything in between. Whether you’re dealing with Sentinel, Defender, or the broader Microsoft Security ecosystem, your unique perspective helps the entire community grow.
Bring your questions, share your needs, and let’s shape the conversation together. Every contribution counts, and everyone has something valuable to offer.
We would also like to know what other topics you are interested in so that we can organize the topics for future meetings
Your voice matters!
We want to hear your experiences – the successes, the roadblocks, and everything in between. Whether you’re dealing with Sentinel, Defender, or the broader Microsoft Security ecosystem, your unique perspective helps the entire community grow.
Bring your questions, share your needs, and let’s shape the conversation together. Every contribution counts, and everyone has something valuable to offer.
We would also like to know what other topics you are interested in so that we can organize the topics for future meetings
6:30 Pm
Apéro Riche incl. networking and know how sharing till open end
Contributors & Speakers
Below you will find our contributors and speakers to whom we say a big thank you !
Umberto Annino
Cloud Solution Architect Data Security & Compliance at Microsoft
Further information at Umberto Annino | LinkedIn
Paul Montague
Digital Infrastructure Consultant at Eraneos
Further information at Paul Montague | LinkedIn
Leander Sabel
Security Architecture Lead at Eraneos Switzerland
Further information at Leander Sabel | LinkedIn
Contact Us
If you have any questions or you like to get information about further events, please do not hesitate to contact us!