Welcome to the MS Entra attack defense session, where you'll learn how to defend against various well-known attacks on the web.

We'll begin with an overview of the attacks we'll conduct in our lab, followed by the defense mechanisms provided by Microsoft Entra ID for each attack. In this session, we'll explore how attackers structure an attack, starting from reconnaissance, initial access, enumeration, privilege escalation, all the way to lateral movement.

The types of attacks we'll cover include AiTM attacks, device code attacks, and attacks from AAD Connect.

Finally, we'll present best practices for protection with our 2024 model of Zero Trust, based on Microsoft Entra's ZTNA.