Session

Managed Identity for Hackers and Developers

There are so many managed cloud services today, it can be hard to follow what each is used for. This makes access management a critical area on which cloud security professionals should focus.

Managed identities provide an identity for applications to use when connecting to resources that support Microsoft Entra ID authentication.

As with any identity, this must be configured correctly, otherwise the identity may be compromised and the malicious actor can gain privileged access.

Session contains:
- Dive into Managed Identity and JWT tokens
- Azure resources enumeration
- Getting access to blob storage using compromised identity
- Retrieving Azure Key Vault secrets
- Extract data from SQL Database

Sergey Chubarov

Security Expert

Paço de Arcos, Portugal

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top