Modern services, whether on-prem or cloud, use token-based authentication. These tokens are cryptographically signed or encrypted and serve as proof of a user's identity when consuming services.
This talk explains two known token-based authentication attacks: stealing tokens (token replay) and forging tokens. I will cover how adversaries conduct both attacks and how to detect and protect against them.
Dr Nestori Syynimaa
Dr Nestori Syynimaa is a Principal Identity Security Researcher at Microsoft Security Research. He has over a decade of experience with the security of Microsoft cloud services and is known as the creator of the AADInternals toolkit. Before joining the dark side in early 2024, Dr Syynimaa worked as a researcher, CIO, consultant, trainer, and university lecturer for over 20 years.
Dr Syynimaa has spoken at many international scientific and professional conferences, including IEEE TrustCom, TROOPERS, BSides, Black Hat (USA, Europe, and Asia), Def Con, and RSA Conference.