Security company focusing on Microsoft Entra and Active Directory security. Need an expert view or pentest on your cloud/AD? contact@outsidersecurity.nl
Joined December 2021
- Tweets 11
- Following 1
- Followers 2,073
- Likes 3
1 Photos and videos
Two new Entra ID training opportunities in the next few months! I will give another 4-day edition of my public training July 7-10 in The Hague, NL.
I will also return to RomHack (Rome, IT) this year for a training Sept 23-27 😀
Info and ticket links: outsidersecurity.nl/training…
15
60
15,932
I'll be heading to Black Hat Asia next year to give my Offensive Entra ID security course in APAC for the first time! April 1-4 in Singapore 😃. More info and tickets:
blackhat.com/asia-25/trainin…
4
29
5,080
25 May 2023
Last chance to enjoy the early bird rate for our @BlackHatEvents #BHUSA training on hacking Azure AD and hybrid environments! blackhat.com/us-23/training/…
5
10
9,357
📢 The first public edition of my "Offensive Azure AD and Hybrid AD" training is now scheduled and available for booking. June 5th to 7th in The Hague, The Netherlands. Tickets and more information at events.outsidersecurity.nl/a….
1
25
86
16,416
TOMROROW at 11am PT / 2pm ET, join NetSPI's @kfosaaen and @OutsiderSec's @_dirkjan during @BlackHatEvents' webcast, "Backdooring and Hijacking Azure AD Accounts by Abusing External Identities." ow.ly/fmTj50Lejmk
#azure #activedirectory #blackhat
5
6
Outsider Security retweeted
7 Nov 2022
#BlackHat free webinar "Backdooring and Hijacking Azure AD Accounts by Abusing External Identities" on November 10 explains how external identities work in Azure AD, and how concepts such as B2B collaboration are facilitated. Register now>> bit.ly/3FT5DvB
1
13
32
Since users modifying their own identities is not yet patched, I've also made a query for that so you can monitor this behavior. Haven't tested this in real envs but I suspect this is not a common action. Query on my GitHub: gist.github.com/dirkjanm/bf9…
1
9
19
In my Black Hat talk I referenced a guest account hijack that is very hard to identify after the fact. For blue teamers here, I've made a KQL query available for hunting this abuse in Azure AD audit logs. It should be possible it identify historical abuse: gist.github.com/dirkjanm/814…
1
48
186
27 Jun 2022
Almost time for @WEareTROOPERS #TROOPERS22, which means it's time to pack some stickers! 😍
1
4
20
🥳 super excited that I'll be back in Vegas this summer, presenting for the first time at Black Hat US #BHUSA! I'll give a talk about my latest research on hijacking and backdooring accounts via external identities in Azure AD 😁. blackhat.com/us-22/briefings…
17
14
223
Outsider Security retweeted
12 Jan 2022
Welcoming a new security consultancy to the market: @OutsiderSec
I've had a few exchanges with its founder Dirk-jan, and can vouch for their knowledge and skills.
Some big personal news: last year I decided to start my own company. Today I'm making it official and announcing Outsider Security (@OutsiderSec). My focus will be on Azure AD and Active Directory security, converting my research experience into in-depth tests and advice.
1
7