Training
Featured CourseView All Courses

SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

SEC595Cyber Defense, Artificial Intelligence
SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals
View course detailsRegister
Get a Free Hour of SANS Training

Experience SANS training through course previews.

Learn More
Learning Paths
FeaturedView all Focus Areas
NEW - AI Security Training
Can't find what you are looking for?

Let us help.

Contact us
Free Resources

SANS Community Benefits

Connect, learn, and share with other cybersecurity professionals

Customer Case Studies

Discover how organizations and individual cyber practitioners use SANS training and GIAC certifications

AI Risk & Readiness

Explore expert-driven guidance, training, and tools to help defend against AI-powered threats and adopt AI securely

Join the SANS Community

Become a member for instant access to our free resources.

Sign Up
For Organizations

Public Sector

Mission-focused cybersecurity training for government, defense, and education

Partnerships

Explore industry-specific programming and customized training solutions

Sponsorship Opportunities

Sponsor a SANS event or research paper

Interested in developing a training plan to fit your organization’s needs?

We're here to help.

Contact Us
Group Purchasing
Group Purchasing

Modern Identity Providers Under Attack: Tactics, Techniques, Detections and Mitigations

  • Wed, Nov 19, 2025
  • Duration: 1 Hour
  • English
  • Anurag Khanna
  • Technical Presentation
Login to register
Webcast Hero

As identity has become the new perimeter, threat actors techniques to target Identity has evolved. Attackers are shifting focus from just stealing credentials to compromising the Identity Providers (IdPs) themselves. In this talk, we will share frontline experiences and lessons learned combating attacks on cloud-based identity providers, focusing on Entra ID, ADFS, Okta etc. We will talk about how modern adversaries exploit IAM misconfigurations, abuse trust relationships, register rogue domains or federation providers, manipulate multi-tenant apps, subvert SAML flows, and even bypass MFA protections. We’ll dig into real tactics, detection methods, and defensive playbooks for securing these high-value targets. This talk is valuable for both red and blue teamers: Red teamers will gain insight into current techniques used by threat actors, while blue teamers will learn how to detect and defend against these emerging threats.

Meet Your Speaker

Anurag Khanna
Anurag Khanna

Anurag Khanna

Director, Incident Response at CrowdStrike

Anurag is a SANS Certified Instructor, GIAC Security Expert #97, and Director of Incident Response at CrowdStrike. He teaches SEC504 and leads frontline DFIR investigations across Asia Pacific. He is a speaker at Black Hat, Virus Bulletin, and BSides.

Read more about Anurag Khanna
Modern Identity Providers Under Attack: Tactics, Techniques, Detections and Mitigations | SANS Institute