NoPrompt: Exposing Conditional Access Failures in Azure
Saksham Agrawal
Cloud Village @ DEF CON 33 · Day 1 · Cloud Village
Conditional Access (CA) policies are a cornerstone of modern identity and access management within Microsoft Azure and Microsoft 365 environments. Designed to enforce security requirements like multi-factor authentication (MFA) based on contextual signals, CA policies are crucial for protecting sensitive resources. However, as demonstrated by Saksham Agrawal in his Cloud Village talk, "NoPrompt: Exposing Conditional Access Failures in Azure," these critical security controls are frequently misconfigured, creating significant vulnerabilities that can be exploited by attackers to bypass MFA and gain unauthorized access.
AI review
Competent cloud security research on a real problem — CA policy misconfigurations are genuinely pervasive and the NoPrompt tool is a practical contribution. But the technique is incremental: user-agent spoofing to probe CA gaps and AWS API Gateway for IP rotation are known primitives, and the tool is essentially a structured wrapper around well-understood attack patterns. Nothing here would surprise a seasoned Azure red teamer.