Azure AD guest accounts are widely used to grant external parties limited access to enterprise resources, with the assumption that these accounts pose little security risk. As you’re about to see, this assumption is dangerously wrong.
In this talk, given at BlackHat 2023, Zenity CTO and Co-Founder Michael Bargury shows how guests can leverage undocumented APIs to bypass limitations and gain unauthorized access to sensitive business data and capabilities including corporate SQL servers, SharePoint sites, and KeyVault secrets….
Events
eBooks
White Papers
Case Studies
Videos
Webinars
Glossary
About Us
Careers
News
Contact
Trust Center
