This presentation aims to raise awareness about application's potential security threats and demonstrate effective strategies for mitigating these risks. By illustrating a full attack path and showing how to protect and detect such attacks, the presentation aims to equip attendees with the knowledge and tools to enhance the security of their applications.

This presentation is very demo heavy showcasing mfasweep, illicent consent 3rd party application and configuring conditional access policy to protect applications

Some drilldown in logs and how to detect.

Presentation + 70 % Demo
Audience: Knowledge of what Entra ID is.