Sign up to save your podcasts
Or
Share Hacking Entra ID: Inside the Attack & Defense Playbook with its Creators
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Hacking Entra ID: Inside the Attack & Defense Playbook with its Creators
Sami Lamppu and Thomas Naunheim, the creators of the Entra ID Attack and Defense Playbook, join me to discuss their incredible 5-year community project.
We talk about the most complex attacks theyβve researched, including the βblack boxβ token and PRT attacks, and their shocking findings related to TPM and device compliance. We also dive deep into their brand-new chapter on the new Microsoft Entra Connect Application Based Authentication model and the critical steps you must take to secure it.
Subscribe with your favorite podcast player or watch on YouTube π
About Sami & Thomas
Sami Lamppu is a Microsoft Security MVP and a Principal Cloud Security Lead at Elisa with a strong focus on the blue team side, helping organizations proactively prevent attacks.
Thomas Naunheim is a Cybersecurity Architect at glueckkanja and a Microsoft Security MVP. He specializes in Microsoft Entra, identity and access management, and cloud security posture.
* Sami LinkedIn - https://www.linkedin.com/in/sami-lamppu/
* Thomas LinkedIn - https://www.linkedin.com/in/thomasnaunheim/
π Related Links
* Entra ID Attack and Defense Playbook - https://github.com/Cloud-Architekt/AzureAD-Attack-Defense
π Chapters
02:35 Origin Story of the Playbook
07:08 Overview of the Attack Chapters
09:53 Who is the Playbook For?
13:59 The Hardest Chapter to Write: Tokens
21:48 Shocking PRT & TPM Findings
24:43 NEW Chapter: Hacking Entra Connect (ABA)
29:10 How to Secure the New Sync Account
36:53 HSCAR: The Posture Analyzer Tool
45:09 Keeping the Playbook Updated & Community
53:12 Whatβs Next & Final Advice
Podcast Apps
ποΈ Entra.Chat - https://entra.chat
π§ Apple Podcast β https://entra.chat/apple
πΊ YouTube β https://entra.chat/youtube
πΊ Spotify β https://entra.chat/spotify
π§ Overcast β https://entra.chat/overcast
π§ Pocketcast β https://entra.chat/pocketcast
π§ Others β https://entra.chat/rss
Merillβs socials
πΊ YouTube β youtube.com/@merillx
π LinkedIn β linkedin.com/in/merill
π€ Twitter β twitter.com/merill
πΊ TikTok β tiktok.com/@merillf
π¦ Bluesky β bsky.app/profile/merill.net
π Mastodon β infosec.exchange/@merill
𧡠Threads β threads.net/@merillf
π€ GitHub β github.com/merill
Get full access to Entra.News - Your weekly dose of Microsoft Entra at entra.news/subscribe
View all episodes
By Merill Fernando
5
44 ratings
Sami Lamppu and Thomas Naunheim, the creators of the Entra ID Attack and Defense Playbook, join me to discuss their incredible 5-year community project.
We talk about the most complex attacks theyβve researched, including the βblack boxβ token and PRT attacks, and their shocking findings related to TPM and device compliance. We also dive deep into their brand-new chapter on the new Microsoft Entra Connect Application Based Authentication model and the critical steps you must take to secure it.
Subscribe with your favorite podcast player or watch on YouTube π
About Sami & Thomas
Sami Lamppu is a Microsoft Security MVP and a Principal Cloud Security Lead at Elisa with a strong focus on the blue team side, helping organizations proactively prevent attacks.
Thomas Naunheim is a Cybersecurity Architect at glueckkanja and a Microsoft Security MVP. He specializes in Microsoft Entra, identity and access management, and cloud security posture.
* Sami LinkedIn - https://www.linkedin.com/in/sami-lamppu/
* Thomas LinkedIn - https://www.linkedin.com/in/thomasnaunheim/
π Related Links
* Entra ID Attack and Defense Playbook - https://github.com/Cloud-Architekt/AzureAD-Attack-Defense
π Chapters
02:35 Origin Story of the Playbook
07:08 Overview of the Attack Chapters
09:53 Who is the Playbook For?
13:59 The Hardest Chapter to Write: Tokens
21:48 Shocking PRT & TPM Findings
24:43 NEW Chapter: Hacking Entra Connect (ABA)
29:10 How to Secure the New Sync Account
36:53 HSCAR: The Posture Analyzer Tool
45:09 Keeping the Playbook Updated & Community
53:12 Whatβs Next & Final Advice
Podcast Apps
ποΈ Entra.Chat - https://entra.chat
π§ Apple Podcast β https://entra.chat/apple
πΊ YouTube β https://entra.chat/youtube
πΊ Spotify β https://entra.chat/spotify
π§ Overcast β https://entra.chat/overcast
π§ Pocketcast β https://entra.chat/pocketcast
π§ Others β https://entra.chat/rss
Merillβs socials
πΊ YouTube β youtube.com/@merillx
π LinkedIn β linkedin.com/in/merill
π€ Twitter β twitter.com/merill
πΊ TikTok β tiktok.com/@merillf
π¦ Bluesky β bsky.app/profile/merill.net
π Mastodon β infosec.exchange/@merill
𧡠Threads β threads.net/@merillf
π€ GitHub β github.com/merill
Get full access to Entra.News - Your weekly dose of Microsoft Entra at entra.news/subscribe
More shows like Entra.Chat
View all
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
371 Listeners
Risky Business
376 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
638 Listeners
The Amp Hour Electronics Podcast
232 Listeners
CyberWire Daily
1,021 Listeners
Microsoft Cloud IT Pro Podcast
64 Listeners
Cybersecurity Today
177 Listeners
Hacking Humans
314 Listeners
CISO Series Podcast
189 Listeners
Defense in Depth
74 Listeners
Practical 365 Podcast - Microsoft 365, Copilot & Cybersecurity News & Discussions
9 Listeners
The Azure Security Podcast
23 Listeners
Cyber Security Headlines
136 Listeners
Blue Security
15 Listeners
Risky Bulletin
46 Listeners