← Back to Explore
T1556.007
Hybrid Identity
Adversaries may patch, modify, or otherwise backdoor cloud authentication processes that are tied to on-premises user identities in order to bypass typical authentication mechanisms, access credentials, and enable persistent access to accounts. Many organizations maintain hybrid user and device identities that are shared between on-premises and cloud-based environments. These can be maintained in a number of ways. For example, Microsoft Entra ID includes three options for synchronizing identi...
WindowsSaaSIaaSOffice SuiteIdentity Provider
2
Detections
1
Sources
1
Threat Actors
BY SOURCE
2elastic
PROCEDURES (2)
Authentication Monitoring1 detections
Auto-extracted: 1 detections for authentication monitoring
General Monitoring1 detections
Auto-extracted: 1 detections for general monitoring