Nikolay Dolbin

Senior Researcher, Cybersecurity Department, Sber

About the speaker

Nikolay has extensive experience in analyzing the vulnerabilities of cryptographic subsystems of various hardware devices, operating systems, cryptographic data transfer protocols as well as various multi‑factor authentication systems.
August 26
Track 1
The lecture is about authentication and authorization in Microsoft Office 365. You will learn how the office applications such as Outlook, OneDrive, Teams, Word, Excel, and the Windows operating system as such are authorized on cloud servers. Specifically, where and how they store their access tokens, what DPAPI (Data Protection API), PRT (Primary Refresh Token), TPM (Trusted Platform Module) have to do with this, and how all of this magic can be used in red team operations.