
Dr. Nestori Syynimaa
Principal Identity Security Researcher @ Microsoft, @DrAzureAD
Dr Nestori Syynimaa is a Principal Identity Security Researcher at Microsoft Threat Intelligence Center. He has over a decade of experience with the security of Microsoft cloud services and is known as the creator of the AADInternals toolkit. Before joining Microsoft in early 2024, Dr Syynimaa worked as a researcher, CIO, consultant, trainer, and university lecturer for over 20 years.
Dr Syynimaa has spoken at many international scientific and professional conferences, including IEEE TrustCom, TROOPERS, BSides, Black Hat USA, Europe, and Asia, Def Con, and RSA Conference.
talks & Q&A
conference | sep 18

Defending Against the Evolving OAuth Attack Landscape
Description
OAuth has become a cornerstone of modern authentication, enabling seamless integration between applications and services. However, as organizations increasingly rely on OAuth for their SaaS environments, attackers have evolved their techniques to exploit its vulnerabilities.
In this demo-packed session, we will explore the latest trends and threats in the OAuth attack landscape, uncovering how attackers conduct token-theft attacks, exploit misconfigurations, abuse app permissions, and target non-human identities. Attendees will gain an understanding of how these attacks unfold, their potential impact on an organization's security posture, and how to defend against them.