Forum Discussion
Questioning Azure PIM Security: Can MFA Requirements Be Bypassed?
Hi everybody, I recently came up with a scenario to test a use case in which a threat actor could potentially steal your Azure access token. With this token, the actor attempts to elevate privile...
I agree with Joe. Consider experimenting with the Microsoft Entra Conditional Access authentication context feature to compel users to employ more secure authentication methods such as FIDO2, or to mandate the use of a trusted device, if such measures aren't already in place for the initial login process.
