TMTH01 Protecting Azure AD and M365 from On-Prem Attacks


8:00am - 9:15am

Level: Advanced

Nestori Syynimaa

Senior Principal Security Researcher


Microsoft cloud services, including Azure AD and M365, can be regarded as safe. Many organizations have chosen to implement a hybrid environment to make their cloud services easier to manage and use. This means that some of their on-prem services, such as Active Directory or Exchange, are connected to their cloud counterparts.

As more focus is now given to protecting the cloud, on-prem security has often been neglected. Many recent state-sponsored attacks have taken advantage of this and compromised organizations' on-prem services to gain access to their cloud services.

To protect your cloud from on-prem attacks, it is crucial to understand which attack paths adversaries can use. You also need to know what options you have to block these attacks. This helps you build adequate safety and mitigation mechanisms to keep your cloud safe.

Unfortunately, even the best safety mechanisms can be breached due to 0-day vulnerabilities, human error, etc. If this happens to you, you need to understand which steps to take to keep your business running.

You will learn:

  • On-prem attack paths often used by the adversaries
  • Understand available security options to protect your cloud from on-prem attacks
  • Understand available post-breach remediations to keep your business running