Coursera Spring Sale
40% Off Coursera Plus Annual!
Grab it
Explore comprehensive token theft protection mechanisms in Microsoft Entra ID through this 44-minute conference talk from BruCON Security Conference. Learn how organizations can defend against the rising threat of token theft attacks as they transition from password-based authentication to stronger methods. Discover the two primary token theft techniques - Adversary-in-the-Middle (AitM) attacks and endpoint malware - and understand why these attacks have become more prevalent as traditional password attacks become obsolete. Examine built-in Entra ID protection features including Token Protection and Continuous Access Evaluation (CAE), while gaining deep technical insights into how these mechanisms function under the hood. Understand the limitations of these protection methods and learn how threat actors might exploit them in specific scenarios. Master the implementation of these security features, develop skills to detect token theft attempts, and gain practical knowledge through demonstration-packed content that reveals both defensive capabilities and potential attack vectors in modern identity security.
