Managed Identity for Hackers and Developers

There are so many managed cloud services today, it can be hard to follow what each is used for. This makes access management a critical area on which cloud security professionals should focus.

Managed identities provide an identity for applications to use when connecting to resources that support Microsoft Entra ID authentication.

As with any identity, this must be configured correctly, otherwise the identity may be compromised and the malicious actor can gain privileged access.

Session contains:
- Dive into Managed Identity and JWT tokens
- Azure resources enumeration
- Getting access to blob storage using compromised identity
- Retrieving Azure Key Vault secrets
- Extract data from SQL Database