This presentation from Black Hat explores Microsoft Intune's security implications, revealing how this cloud-based endpoint management solution can be exploited by attackers. Discover under-documented features that enable Conditional Access bypass in Microsoft Entra ID and learn how Intune's capabilities can be abused to gain unauthorized access to on-premises Active Directory and internal network infrastructure. Principal Consultant Yuya Chudo from Secureworks Japan K.K. demonstrates techniques and tools for exploiting Intune vulnerabilities to breach both cloud and on-premises environments, while providing practical recommendations to secure corporate IT infrastructure against these attack vectors. The 34-minute talk offers valuable insights into the internal mechanisms of Intune, essential knowledge for security professionals managing enterprise device ecosystems.
Unveiling the Power of Intune: Leveraging Intune for Breaking Into Your Cloud and On-Premise
Overview
Syllabus
Unveiling the Power of Intune: Leveraging Intune for Breaking Into Your Cloud and On-Premise
Taught by
Black Hat
Related Courses
-
MD-4011: Enhance Endpoint Security with Microsoft Intune and Microsoft Copilot for Security (Live Online)
-
Microsoft 365 Endpoint Administrator (Live Online)
-
Application deployment and management with Intune
-
Windows 365 course with Intune administration & simulations
-
Deploying Windows Clients & Managing Identities
-
Microsoft Intune Training | MDM MAM - Endpoint Manager Azure
