New research on hybrid identity attack paths in modern enterprises

The integration of on-premises Active Directory with Microsoft Entra ID (formerly Azure AD) introduces new attack paths. User synchronization technologies like Azure AD Connect and Entra Cloud Sync can create pathways for attackers. This webinar shows how attackers exploit synchronized accounts to move between systems. Experts Andy Robbins and Cody Thomas discuss attack paths, including manipulating password hash synchronization to gain domain admin access. They cover defensive strategies: using BloodHound to map risky paths, removing unnecessary synchronization, detecting token theft and credential abuse, and mitigating synchronization impacts. Identify and mitigate these hybrid identity risks.