BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//bsides-canberra-2025//talk//8CGZCA
BEGIN:VTIMEZONE
TZID:AEST
BEGIN:STANDARD
DTSTART:20000326T040000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3;UNTIL=20050326T170000Z
TZNAME:AEST
TZOFFSETFROM:+1100
TZOFFSETTO:+1000
END:STANDARD
BEGIN:STANDARD
DTSTART:20060402T040000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060401T170000Z
TZNAME:AEST
TZOFFSETFROM:+1100
TZOFFSETTO:+1000
END:STANDARD
BEGIN:STANDARD
DTSTART:20070325T040000
RRULE:FREQ=YEARLY;BYDAY=4SU;BYMONTH=3;UNTIL=20070324T170000Z
TZNAME:AEST
TZOFFSETFROM:+1100
TZOFFSETTO:+1000
END:STANDARD
BEGIN:STANDARD
DTSTART:20080406T040000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4
TZNAME:AEST
TZOFFSETFROM:+1100
TZOFFSETTO:+1000
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000827T030000
RRULE:FREQ=YEARLY;BYDAY=4SU;BYMONTH=8;UNTIL=20000826T170000Z
TZNAME:AEDT
TZOFFSETFROM:+1000
TZOFFSETTO:+1100
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20011028T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20071027T170000Z
TZNAME:AEDT
TZOFFSETFROM:+1000
TZOFFSETTO:+1100
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20081005T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=10
TZNAME:AEDT
TZOFFSETFROM:+1000
TZOFFSETTO:+1100
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-bsides-canberra-2025-8CGZCA@pretalx.com
DTSTART;TZID=AEST:20250925T161000
DTEND;TZID=AEST:20250925T170500
DESCRIPTION:Modern Identity Providers Under Attack: Tactics\, Techniques\, 
 and Mitigations \n\nAs identity has become the new perimeter\,  threat act
 ors techniques to target Identity has evovled.  Attackers are shifting foc
 us from just stealing credentials to compromising the Identity Providers (
 IdPs) themselves. In this talk\, we will share frontline experiences and l
 essons learned combating attacks on cloud-based identity providers\, focus
 ing on Entra ID\, AWS Identity Provider\, ADFS\, Okta etc. We will talk ab
 out how modern adversaries exploit IAM misconfigurations\, abuse trust rel
 ationships\, register rogue domains or federation providers\, manipulate m
 ulti-tenant apps\, subvert SAML flows\, and even bypass MFA protections. \
 n\nWe’ll dig into real tactics\, detection methods\, and defensive playb
 ooks for securing these high-value targets. This talk is valuable for both
  red and blue teamers: Red teamers will gain insight into current techniqu
 es used by threat actors\, while blue teamers will learn how to detect and
  defend against these emerging threats.
DTSTAMP:20260604T004916Z
LOCATION:Off-Main Track
SUMMARY:Modern Identity Providers Under Attack: Tactics\, Techniques\, Dete
 ctions and Mitigations - Anurag Khanna
URL:https://pretalx.com/bsides-canberra-2025/talk/8CGZCA/
END:VEVENT
END:VCALENDAR