Advanced Active Directory to Entra ID Lateral Movement Techniques

Dirk-jan Mollema

DEF CON 33 · Day 3 · Main Stage

Dirk-jan Mollema, founder of Outsider Security, presented new and advanced techniques for lateral movement from an on-premises Active Directory (AD) environment to Microsoft Entra ID (formerly Azure A

AI review

Dirk-jan Mollema extends hybrid AD/Entra ID attack research with three new lateral movement techniques: PKI-based cloud authentication bridge via on-premises CA trust, Exchange hybrid service account credential extraction, and ImmutableID manipulation to take over cloud-only accounts — including break-glass admin accounts previously assumed safe from on-premises compromise.
