
In fact, service principals shape, in our opinion, the current landscape of privilege escalation in Entra ID. If you are able to see here the marked line, they say, by Mitiga, that AppRoleAssignment.ReadWrite.All in particular suggests the attacker could assign app roles and manage permissions across the tenant, a capability that would significantly amplify their access and control over corporate resources. And we were like, okay, so basically let's recreate that. Let's create that attack path exactly as it is, without the initial access, because there are many ways to get initial access to a given tenant. And we did just like that. We created the first two scenarios you will encounter when entering EntraGoat: those are taking control over a service principal and using its authentication context in order to escalate privileges and move laterally within the tenant. And by the way, one last thing: this highlights the importance of service principals inside the tenant, and in fact service principals shape, in our opinion, the current landscape of privilege escalation in Entra ID.