Explore the critical security vulnerabilities associated with Azure AD guest accounts in this eye-opening 38-minute Black Hat conference talk. Discover how external parties can exploit undocumented APIs to bypass limitations and gain unauthorized access to sensitive enterprise resources. Learn about the potential risks to corporate SQL servers, SharePoint sites, and KeyVault secrets. Presented by Michael Bargury, this session challenges the common assumption that guest accounts pose minimal security threats, providing valuable insights for IT security professionals and enterprise administrators.
Overview
Syllabus
All You Need is Guest
Taught by
Black Hat
Related Courses
-
All You Need Is Guest - Securing EntraID Guest Accounts
-
Exploiting EntraID Guest Access - Security Vulnerabilities and Defenses
-
Ethical Hacking From Scratch
-
Abusing the Internet of Things - Blackouts, Freakouts, and Stakeouts
-
Hacking Web Applications & Penetration Testing: Web Hacking
-
Bypassing 2Factor Auth with Android Trojans
