Defending your cloud against AD FS attacks

  • Webcast Scheduled to Air Wednesday, 08 Dec 2021 10:30AM EST (08 Dec 2021 15:30 UTC)
  • Speakers: Blake Strom, Dana Baril

As organizations move their resources to the cloud, attackers are increasingly looking for ways to abuse Active Directory Federation Services (AD FS) in hybrid cloud environments to accomplish their objectives. Learn from world-class defenders who responded to the NOBELIUM nation-state attack that abused AD FS. In this session we’ll cover:

  • How defenders can analyze an AD FS attack once compromise is suspected
  • Walk through a demo of common AD FS attacks such as the forging of SAML tokens
  • Guidance on how to perform forensics and develop detections

Sponsor

Microsoft.png