Minutes is all it takes for an attacker to compromise an account with access. The account doesn't even need to have obvious privileged rights for the attacker to own the cloud environment. This talk walks through the most common ways that attackers compromise Entra ID and how to mitigate these attack techniques. Attendees will learn about attacker methods, including Conditional Access bypasses.