Overview
Syllabus
- Introduction
- Credential protection
- Authentication strengths
- Protection for strong authentication method registration
- Additional protections
- Shift to token theft
- Tokens we get
- Secrets on the machine
- Primary Refresh Token
- Session Key
- Refresh and Access Tokens
- Token theft
- Protections
- Entra Internet Access
- Machine management
- Token binding
- Proof of Possession
- Token brokers and MSAL
- Requiring token binding
- Demonstrated Proof of Possession standard
- Detection
- Continuous Access Evaluation
- Identity Protection
- Summary
- Close
Taught by
John Savill's Technical Training