Defending your cloud against AD FS attacks

Wednesday, 08 Dec 2021 10:30AM EST (08 Dec 2021 15:30 UTC)
Speakers: Dana Baril, Oz Soprin, Security Researcher for Microsoft Defender, Roberto Rodriguez, Principal Threat Researcher at Microsoft.

As organizations move their resources to the cloud, attackers are increasingly looking for ways to abuse Active Directory Federation Services (AD FS) in hybrid cloud environments to accomplish their objectives. Learn from world-class defenders who responded to the NOBELIUM nation-state attack that abused AD FS. In this session we’ll cover:

How defenders can analyze an AD FS attack once compromise is suspected
Walk through a demo of common AD FS attacks such as the forging of SAML tokens
Guidance on how to perform forensics and develop detections

Login to Register

Sponsor

Related Content

Cloud Security, DevSecOps

October 16, 2023

A Visual Summary of SANS CloudSecNext Summit 2023

SANS CloudSecNext Summit was hybrid event for the cloud security community. Check out these graphic recordings of the talks created in real-time.

Cloud Security, DevSecOps

August 18, 2023

A Visual Summary of SANS Cloud Security Exchange 2023

Check out these graphic recordings created in real-time throughout the event for SANS Cloud Security Exchange 2023.

CloudSecNext Summit Visual Summary

Cloud Security, DevSecOps

A Visual Summary of SANS CloudSecNext Summit 2022

On May 3-4, thousands from around the globe tuned in for the SANS CloudSecNext Summit. We invited Ashton Rodenhiser to create graphic recordings of our Summit presentations. If you missed a talk or are looking to view the SANS CloudSecNext Summit through a visual lens, take a look at the recordings...