Prevent attackers from using stolen tokens from devices to which tokens were not issued.

preview_player
Показать описание

In single sign-on systems like SAML and OAUTH, tokens are how services know who you are and what you can do. When you sign in to your machine with your Microsoft Entra ID account, you are getting a session token you can use to access things like your email, teams and other apps. Check out new capabilities like Credential Guard in Windows enforced by device policies in Intune, Token Protection enforcement in Microsoft Entra, and Token theft detections in Microsoft Sentinel and Defender XDR.

Alex Weinert, from the Microsoft Entra team, explains what tokens are, how token theft works, and how to defend yourself from these attacks.

#CyberSecurity #TokenTheft #MicrosoftEntra #IdentityManagement
Рекомендации по теме