Bypassing Entra ID Conditional Access - A Deep Dive Into Device Authentication Mechanisms
Offered By: Black Hat via YouTube
Course Description
Overview
Dive deep into the internal workings of device authentication in Entra ID Conditional Access through this conference talk. Explore how attackers can potentially bypass device authentication without administrator privileges by interacting with device certificates and session keys protected by TPM. Learn about the discovered attack implemented through reverse-engineering Microsoft authentication library, which currently has no fix. Walk through the details of the device authentication flow, attack mechanisms for bypassing Conditional Access, and gain insights into defending against and detecting such attacks. Understand the implications for securing Microsoft cloud infrastructure and the challenges in applying appropriate access controls.
Syllabus
Bypassing Entra ID Conditional Access Like APT: A Deep Dive Into Device Authentication Mechanisms
Taught by
Black Hat
Related Courses
Overview and Recent Developments in TPM - Kernel Space UpdatesLinux Foundation via YouTube Updating Linux with TUX: Trust Update for Linux Kernel
Linux Foundation via YouTube Abusing Linux as a Trusted Bootloader
Linux Foundation via YouTube Where Are Your Images Running? Stop Worrying and Start Encrypting!
CNCF [Cloud Native Computing Foundation] via YouTube Securing Firmware - Secure and Trusted Boot in OpenBMC
linux.conf.au via YouTube