1. Foundations of JML and key business impact

2. JML automation: Onboarding and offboarding at scale

• Integrating with HRMS apps to source employee data
• Automating user creation with birthright access
• Creating user templates for consistent, role-based onboarding
• Dynamic groups to automatically handle group memberships during role changes
• Event-drive orchestration templates for downstream cleanup and offboarding

3. Built-in reports for identity operations and visibility

• Deep-dive into reports library
• Configuring scheduled reports for proactive monitoring and automated delivery
• Customizing reports to meet specific organizational needs

4. Integrations and extensibility

• Connecting HR, ticketing and SIEM tools for end-to-end workflows
• Leveraging ManageEngine Marketplace extensions to extend JML automation

1. GRC fundamentals

2. Setting up access certification campaigns

• Configuring certification scope: Entitlements and users
• Assigning certifiers: Rule-based or predefined
• Tracking certification progress and enforcing remediation for non-compliant access

3. Risk assessment and management

• Identifying risks in your identity environment
• Visualizing attack paths to privileged entities
• Prioritizing and mitigating risks using guided remediation actions

4. Compliance reporting

• Using pre-built compliance reports for common regulatory requirements
• Creating custom reports for local regulations

1. Common administrative and visibility challenges across AD, Entra ID, Microsoft 365, and SharePoint

2. Unified AD, M365, Exchange, and SharePoint management and reporting

• Visibility that spans AD, M365, Exchange, and SharePoint
• Managing users, groups, GPOs, licenses, site permissions, etc., at scale
• Implementing granular delegation to establish secure administrative boundaries
• Automating routine cleanup of orphaned SharePoint sites and stale AD accounts

1. Common attack vectors and Zero Trust principles

2. Enhanced security with MFA

• MFA implementation across endpoints (Windows, macOS, Linux)
• Protection for critical systems and offline access
• Phishing-resistant MFA options
• Conditional access based on context (IP, device, location, time)

3. One identity

• SSO to enterprise applications
• Passwordless authentication for enterprise applications

4. SSPR and breached password protection

• Self-service password reset/account unlock
• Breached password protection integration
• Password expiration notifications
• Cached credential updates
• Password sync across AD and connected applications

• Automating backup of users, groups, mailboxes, etc., across AD, M365, and Google Workspace
• Performing granular or full restores from backups
• Performing point-in-time recovery and rollback of specific identity changes with minimal downtime
• Taking immutable backups to defend against ransomware

• Configuring granular auditing for critical AD and Microsoft 365 objects and events
• Capturing high-risk events (privilege group membership changes, failed logins, permission changes, role changes, etc.)
• Introduction to user behavior analysis
• Setting up alerts for anamolies and threats
• Exploring Attack Surface Analyzer: Identify misconfigurations, insecure permissions, and exposed assets