DESCRIPTION

It has been 10 years since the infamous "Golden Ticket" talk at Black Hat which described how to escalate and persist in Active Directory like a ninja. Since then, attackers have continued to exploit weak configurations and identify Active Directory combinations to evade defenses, escalate, persist, and exfiltrate data.

Things haven't gotten better in security in the 20+ years AD has been around and securing Active Directory is complicated further with cloud integration components. This talk is a collection of the most effective Active Directory attacks, including some of the more interesting cloud attacks, from the past 10 years and how best to mitigate and defend against them. Highlighted and explored during this presentation are some of the more nuanced attack techniques and how to best structure defenses to protect against the current threat.

Attendees will learn about effective attacker techniques leveraged in modern attacks & enterprise compromise and how to best defend today's Microsoft Identity systems (Active Directory & Azure AD/Entra ID).

WHY THE COMMITTEE CHOSE THIS TALK

Whats next in attacking AD and AAD/Entra ID is interesting. Hearing that from one of the most renowned security experts in this field is exciting.

SPEAKER

Sean Metcalf