BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//bsides-toronto-2023//talk//HR8SFK
BEGIN:VTIMEZONE
TZID:EST
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20061029T070000Z
TZNAME:EST
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
END:STANDARD
BEGIN:STANDARD
DTSTART:20071104T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11
TZNAME:EST
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000402T030000
RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060402T080000Z
TZNAME:EDT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
END:DAYLIGHT
BEGIN:DAYLIGHT
DTSTART:20070311T030000
RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3
TZNAME:EDT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-bsides-toronto-2023-HR8SFK@pretalx.com
DTSTART;TZID=EST:20231021T103000
DTEND;TZID=EST:20231021T105500
DESCRIPTION:Microsoft Azure and Entra ID have become mainstays in modern co
 rporate environments. As cloud environments grow\, so too does the complex
 ity. Many organizations have implemented Multi-Factor Authentication and e
 mploy Conditional Access Policies (CAPs) within their Azure tenant to enfo
 rce MFA requirements. We'll walk through a technique we developed to bypas
 s Browser-Based MFA to access Microsoft Outlook Web Application by leverag
 ing an overly permissive Conditional Access Policy.
DTSTAMP:20260315T180114Z
LOCATION:ENG 103
SUMMARY:Bypassing Browser-Based MFA for Outlook Web Application - David Sto
 rie
URL:https://pretalx.com/bsides-toronto-2023/talk/HR8SFK/
END:VEVENT
END:VCALENDAR