Speakers: Alexander Weinert, Director of Identity Security, Microsoft; Tia Louden, Senior Program Manager, Microsoft
Date: Tuesday, June 21, 2022
Location: Denver, CO

Description: In November of 2020, the Solarwinds attacks shook the foundations of current identity security strategy. Since then, those same attackers and copycats have been inspired to embrace and extend those techniques. In this talk, we will review four attacker techniques which have gained traction: token theft, application hijacking, consent phishing, and delegated admin takeover. For each, we’ll look at case studies, attack mechanics, attack volumes, and, critically, mitigations to block the adversary techniques which have moved from theory to practice.