In today’s threat landscape, misconfigurations and weak posture are the attacker’s best friend. While most posture solutions focus on configuration drift and compliance scores—attackers don’t care about scores, they care about opportunities.
This session takes the attacker’s perspective: how do misconfigured identities, endpoints, and cloud resources turn into a real-world attack path? We will demonstrate, how common mistakes in Microsoft 365 and Azure environments can be chained together to escalate privileges and achieve persistence. From overly broad role assignments to weak conditional access enforcement, participants will see how gaps that look harmless in isolation can combine into a breach. We will then show how posture management, when threat-driven, can break these chains and reduce risk where it matters most.

The session is mostly technical, focused on the mechanics of attack and defense, and gives attendees concrete scenarios that have been seen in the last years to help identify issues before adversaries exploit them.