Azure AD is used by Microsoft Office 365 and over 2900 third-party apps. Although Azure AD is commonly regarded as secure, there are known security issues regarding to identity federation, pass-through authentication, and seamless single-sign-on.
In this session, using AADInternals toolkit, I will demonstrate how to create backdoors, impersonate users, and bypass MFA. Methods for detecting rogue behaviour are also introduced.
The purpose of this session is to raise awareness of the information security, the importance of the principle of least privilege, and the crucial role of on-prem security to cloud security.
More About This Author
- YouTube2021.04.05Natraj Yegnaraman – Becoming an Action hero with GitHub and Power Platform – YouTube
- YouTube2021.04.05EE Lane Yu – Tips to Build Inclusive Canvas Power Apps – YouTube
- YouTube2021.03.31Wriju Ghosh – Web Developers Journey to Cloud – YouTube
- YouTube2021.03.24Jeevarajan Kumar – Everything you need to know about D365 Customer Insights – YouTube