Presented by the Microsoft Security Community
Get ready for an electrifying event! The Microsoft Security Community proudly presents Purview Lightning Talks; an action-packed series featuring your fellow Microsoft users, partners and passionate Microsoft Security community members of all sorts. Each 3-12 minute talk cuts straight to the chase, delivering expert insights, real-world use cases, and even a few game-changing tips and tricks. Don’t miss this opportunity to learn, connect, and be inspired!
Secure your spot now for the big day: April 30th at 8am Redmond Time. See agenda details below and follow this blog post (sign in and click the "follow" heart in the upper right) to receive notifications.
❗UPDATE❗This event is expected to last around 2 hours and 15 minutes, due to the incredible number of community sessions that were submitted! 💖
Please see the timing table below broken out into sections of four talks each, and plan to arrive 10 minutes before the section that interests you, OR stay for the whole time! Speakers will be available in the chat to answer your questions; please ask your questions during their session. Spillover Q&A forum links will also be shared. The full session recording will be indexed and posted to Microsoft Security Community YouTube within 24 hours after the event. Bookmark this page or follow this blog post for updates!
Agenda Legend
↩️ Data Lifecycle Management
🔐 Information Protection
🚫 Data Loss Prevention (DLP)
🦾 Data Security Posture Management (DSPM) for AI
🤖 Purview for AI
👁️ Insider Risk Management (IRM)
🔍 eDiscovery
📊 Governance
🗒️ Compliance Manager
🛡️ Data Security
↩️ Data Lifecycle Management
🔐 Information Protection
🚫 Data Loss Prevention (DLP)
🦾 Data Security Posture Management (DSPM) for AI
🤖 Purview for AI
👁️ Insider Risk Management (IRM)
🔍 eDiscovery
📊 Governance
🗒️ Compliance Manager
🛡️ Data Security
All times are listed in US Pacific/Redmond Time. Session lengths are rounded to the nearest minute.
Section 1 - approximately 8:00 am - 8:43 am
↩️ The Day Offboarding Exposed Infinite Retention — Nikki Chapple
A routine Purview request led to an unexpected discovery: more than 9,000 orphaned OneDrives and thousands of inactive mailboxes still storing content long after employees had left. This talk explains how a retain-only policy created hidden retention debt and how Adaptive Scopes can help organisations separate active users from leavers to avoid similar pitfalls.
🔐 The Purview Label Engine: Automated Classification, Translation, and co-Documentation for Enterprise Tenants — Michael Kirst-Neshva
Global enterprises face the challenge of implementing uniform data protection standards across borders and languages. In this talk, I’ll present a framework that makes Microsoft Purview labels truly scalable. Discover how to roll out parent and child label logics automatically, manage priorities with a single click, and generate instant compliance documentation for every business unit.
🗒️ What's In My Compliance Manager Toolbox: A Cloud Security Architect's Perspective — Jerrad Dahlager
A practical walkthrough of how I use Compliance Manager across real client engagements to map controls, track improvement actions, and simplify multi-framework compliance. No theory, just what works in the field.
🛡️ Stop, Think, Protect: Data Security in Real Life with Purview — Oliver Sahlmann
With simple labels and matching DLP policies, Purview offers a practical and accessible way to approach data security. This lightning talk uses a real-life traffic light concept to show how a low barrier to adoption can still drive meaningful protection and awareness.
Section 2 - approximately 8:44 am - 9:15 am
🔐 Using Purview to prevent oversharing with AI services — Viktor Hedberg
In this day and age, AI is the big thing. However, Copilot has access to everything you can access, including potentially sensitive data. In this session we will look at how to prevent Copilot to access highly sensitive data, using Information Protection.
🦾 How I Helped My Customers Understand their AI Usage (and protect their sensitive data) — Bram de Jager
As AI tools explode across the web, many organizations still have no idea what’s actually happening in the browser—where employees type prompts, paste sensitive data, or visit public AI sites outside corporate governance. In this lightning talk, I’ll share how I helped customers shine a light on this issue. We’ll explore how Purview Data Security Posture Management (DSPM) can reveal which AI tools employees use, what types of data they input, and where sensitive information may leak through prompts. I’ll walk through real customer scenario where we detected risky AI usage patterns—such as employees pasting confidential documents into public chatbots.
🔐 Four Labels Max for Daily Use: Which Ones & Why? — Romain Dalle
Sensitivity labels are one of the most critical parts of a Purview Risk and compliance deployment, if not the most critical, because it directly impacts how end-users and business units should allow or restrict themselves to share their business data, internally and externally, on a daily basis. Labels have not other options than being precise, meaningful, and balanced in terms of embedded data security. Setting the right taxonomy is core to success, and is everything but a one-time project.
🚫 Data-driven Endpoint DLP Solution with Advanced Hunting — Tatu Seppälä
This lightning talk shows you how to use KQL queries in advanced hunting to easily build initial sensitive service domain groups for authorized and unauthorized domains based on your organization's usage patterns. The same approach can be used for numerous other similar solution refinement and design purposes.
Section 3 - approximately 9:16 am - 9:46 am
🔐 The Purview Hack No One Talks About: Container Sensitivity Labels That Fix Oversharing Fast — Nikki Chapple
Most organizations tackle oversharing with manual fixes, but the fastest solution is often overlooked. In this lightning talk, I show how container sensitivity labels automatically apply the right sharing and collaboration controls, ensuring every new Group, Team or SharePoint site starts secure by default.
🔍 Does M365 Support eDiscovery? — Julian Kusenberg
A myth-busting session that separates perception from reality when it comes to Microsoft 365 eDiscovery capabilities.
📊 Improving Discovery, Trust, and Reuse of Analytics with Purview Data Products — Craig Wyndowe
This talk shows how bringing Power BI and Fabric assets into Microsoft Purview Governance Domains and Data Products creates a single, trusted view of enterprise analytics. By connecting reports, semantic models, and underlying data with shared metadata, ownership, and business context, organizations can make existing assets easy to discover and safe to reuse.
🔐 Why You Should Create Your Own Sensitive Information Types (SITs) — Niels Jakobsen
An in depth analysis of why Microsoft SITs are not one-size-fits-all, and how to create your own using what Microsoft has already built for you.
Section 4 - approximately 9:47 am-10:30 am
👁️ From Zero to First Signal: Insider Risk Management Prerequisites That Actually Matter — Sathish Veerapandian
A focused live demo showing the real world prerequisites required for Microsoft Purview Insider Risk Management to work effectively. This session highlights the critical Entra ID, Intune, Microsoft Defender for Endpoint, and Purview DLP configurations that must be in place before creating IRM policies.
🤖 Securing data in the age of AI — Júlio César Gonçalves Vasconcelos
AI will transform business as we know it; but without proper governance, it can introduce serious risks. We’ll show you how Microsoft Purview enables organizations to accelerate AI adoption while maintaining security, compliance, and transparency.
🔍 Beyond eDiscovery - Purview DSI for Security Investigation — Susantha Silva
Most people hear “Microsoft Purview” and immediately think compliance, eDiscovery, or legal holds. But this session highlights Data Security Investigations, showing how DSI lets you take a DLP alert or insider risk signal and turn it into a structured investigation.
🚫 Elevating Purview DLP with a real world use case — Victor Wingsing
Learn how I hardened Microsoft Purview DLP beyond out of the box defaults—closing real world data loss gaps, tuning policies to actual user behavior, and turning noisy alerts into protection that really blocks exfiltration.
- Quick Closing/ Resource Sharing
Updated Apr 27, 2026
Version 5.0
RenWoods
Microsoft
Microsoft