
Entra.Chat

Hacking Entra ID: Inside the Attack & Defense Playbook with its Creators

01 Nov 2025

Description

Sami Lamppu and Thomas Naunheim, the creators of the Entra ID Attack and Defense Playbook, join me to discuss their incredible 5-year community project.

We talk about the most complex attacks they’ve researched, including the “black box” token and PRT attacks, and their shocking findings related to TPM and device compliance. We also dive deep into their brand-new chapter on the new Microsoft Entra Connect Application Based Authentication model and the critical steps you must take to secure it.

Subscribe with your favorite podcast player or watch on YouTube 👇

About Sami & Thomas

Sami Lamppu is a Microsoft Security MVP and a Principal Cloud Security Lead at Elisa with a strong focus on the blue team side, helping organizations proactively prevent attacks.

Thomas Naunheim is a Cybersecurity Architect at glueckkanja and a Microsoft Security MVP. He specializes in Microsoft Entra, identity and access management, and cloud security posture.

* Sami LinkedIn - https://www.linkedin.com/in/sami-lamppu/
* Thomas LinkedIn - https://www.linkedin.com/in/thomasnaunheim/

🔗 Related Links

* Entra ID Attack and Defense Playbook - https://github.com/Cloud-Architekt/AzureAD-Attack-Defense

📗 Chapters

02:35 Origin Story of the Playbook
07:08 Overview of the Attack Chapters
09:53 Who is the Playbook For?
13:59 The Hardest Chapter to Write: Tokens
21:48 Shocking PRT & TPM Findings
24:43 NEW Chapter: Hacking Entra Connect (ABA)
29:10 How to Secure the New Sync Account
36:53 HSCAR: The Posture Analyzer Tool
45:09 Keeping the Playbook Updated & Community
53:12 What’s Next & Final Advice

Podcast Apps

🎙️ Entra.Chat - https://entra.chat
🎧 Apple Podcast → https://entra.chat/apple
📺 YouTube → https://entra.chat/youtube
📺 Spotify → https://entra.chat/spotify
🎧 Overcast → https://entra.chat/overcast
🎧 Pocketcast → https://entra.chat/pocketcast
🎧 Others → https://entra.chat/rss

Merill’s socials

📺 YouTube → youtube.com/@merillx
👔 LinkedIn → linkedin.com/in/merill
🐤 Twitter → twitter.com/merill
🕺 TikTok → tiktok.com/@merillf
🦋 Bluesky → bsky.app/profile/merill.net
🐘 Mastodon → infosec.exchange/@merill
🧵 Threads → threads.net/@merillf
🤖 GitHub → github.com/merill

Get full access to Entra.News - Your weekly dose of Microsoft Entra at entra.news/subscribe
