Modern Authentication for the Security Admin

Channel:

SANS Cyber Defense

Subscribers:

23,600

Published on November 17, 2021 7:15:00 AM ● Video Link: https://www.youtube.com/watch?v=KiHLtmcYuUA

Duration: 36:09

1,102 views

Many organizations’ applications are moving to modern authentication protocols such as SAML, OAuth, and OpenID Connect. Claims, bearer tokens, and JWT tokens are traversing various authentication flow paths in your environment today. Security teams need to be just as familiar with how these work, the risks, and the benefits they provide, as they are with Kerberos tickets and NTLM hashes (please stop btw). In this session, we will break down these authentication concepts and common flows for the non-identity admin. We will also discuss some common attacks and defenses the security team should be monitoring for and implementing in their environment.

Mark Morowczynski, Principal Program Manager, Microsoft - twitter.com/markmorow
Grace Picking, Senior Program Manager, Microsoft - twitter.com/gracepicking

View upcoming Summits: http://www.sans.org/u/DuS
Download the presentation slides (SANS account required) at https://www.sans.org/u/1iaE
#BlueTeamSummit #ModernAuthentication

Other Videos By SANS Cyber Defense

2022-03-03	Defenders: What to do NOW if expecting nation state attackers
2022-02-18	Visualizing TensorFlow Models: Part I
2022-02-04	Visualizing TensorFlow Models: Part 1
2022-01-21	Visualizing How CNNs See Images
2022-01-21	PowerShell 2022: State of the Art / Hack / Infection
2022-01-14	All-Around Defenders: New Year, New Start
2022-01-07	Applying DS/ML to Forensics and Incident Response: An Interview with Jess Garcia
2021-12-13	What do you need to know about the log4j (Log4Shell) vulnerability?
2021-11-22	Get to Know SANS Instructor and SEC586 Course Author Josh Johnson
2021-11-22	Bringing the Sexy Back to Blue Team, with Eric Conrad and Seth Misener
2021-11-17	Modern Authentication for the Security Admin
2021-11-15	DeTT&CT(ing) Kubernetes ATT&CK(s) with Audit Logs
2021-11-13	Ransomware Preparation, Containment and Recovery Strategies
2021-11-12	Building on the Foundations of OSINT with SEC587: Advanced Open-Source Intelligence
2021-11-12	AI & ML in the Modern SOC
2021-11-11	YARA for Mere Mortals
2021-11-09	Threat Sightings: The Power of Observation for Driving Cyber Threat Detection Improvements
2021-11-07	Blue-Team-as-Code: Lessons From Real-world Red Team Detection Automation Using Logs
2021-11-05	Measuring Detection Engineering Teams
2021-11-02	Monitoring and Incident Response in Azure AD
2021-11-01	Threats & Challenges 2021: What Cyber Defenders Need to Know – and Do

Tags:

sans institute

blue team

blue team operations

sans blue team summit

blue team summit

sans institute blue team summit

mark morowczynski

grace picking

modern authentication

security admin

modern authentication for the security admin

microsoft mark morowczynski

microsoft grace picking

Channel	Latest
ShinLad FGC	9 hours ago
EddboyBlue	9 hours ago
ErralasaGamer's	9 hours ago
Capi Reacts	9 hours ago
Ransix Plays	9 hours ago
AuMiO VXC	9 hours ago
Corner Line Studio	10 hours ago
Tavon B	10 hours ago
floydbishop	10 hours ago
Cyrus ꪜ	10 hours ago
Bricks Lair	10 hours ago
KevRow University LIVE	10 hours ago
Mike The Goon	10 hours ago
Oldana Vaverka	10 hours ago
SWK	10 hours ago
Leachim Remsy	10 hours ago
Cult Classic Cage	10 hours ago
Baegger	10 hours ago
Cool Dinosaurs	10 hours ago
PragerU	10 hours ago
BuzzAlt	10 hours ago
N1GHT	10 hours ago
MrDDG94	10 hours ago
All In ONE PL	10 hours ago
YovaD Gamer	10 hours ago