Discover the most attractive Windows privileges from an attacker’s perspective: those that permit a direct privilege escalation.
The fastest way to truly understand Microsoft Agent ID is to build an agent identity yourself, from scratch. Walk through this guided tour to build a real Agent ID object set in your Entra ID tenant.
Microsoft’s Entra Agent ID and the agent identity platform are about to become a major theme in identity and security conversations. Learn how this platform enables you to discover, manage, monitor, and secure AI agent identities.
The term workload identity describes multiple types of non-human identities in Entra ID. In this chapter of our guide to preventing agent identity attacks, dive into the distinctions between workload identity types and discover the newest type: ServiceIdentity.
Non-human identities already far outnumber human identities. Learn how the Entra ID agent identities defined by Microsoft fit into the Authentication, Authorization, and Accounting model that governs our digital landscape.
Developed by the Semperis research team, this multi-part guide helps organizations understand how Microsoft approaches human and non-human identities in Entra ID—and how to protect these critical assets from threat actors.
Learn about the discovery of CVE-2026-26119: why it worked and why you shouldn't underestimate authentication reflection.
Attackers with certain privileges can abuse Entra Connect hard matching synchronization to take over synchronized Entra ID accounts.