This presentation aims to raise awareness about application's potential security threats and demonstrate effective strategies for mitigating these risks. By illustrating a full attack path and showing how to protect and detect such attacks, the presentation aims to equip attendees with the knowledge and tools to enhance the security of their applications.

The presentation will be structured in two parts. The first part will demonstrate a full attack path, showing how an attacker can bypass security measures and log into different apps. This will be followed by demonstrating how to protect and detect against such attacks. The second part will focus on gaining insights into high-privilege applications and conducting risk analysis.

Length: min 60
Presentation + several demos
Audience: Knowledge of what entra ID is.