Modern Management Summit 2025

Last year we were faced with a new advanced phishing technique, called Adversary-in-The-Middle (AiTM). This is an advanced method to bypass multiple forms of MFA, where a proxy is used to capture tokens also known as a man in the middle attack. In this session Kenneth and Erik explains using a real field story about how this type of attack works.

Then we cover the topics about Protect - Detect - Respond

Protect
We will go through our options to fight this by using differente strategies like implementing phishing resistant MFA methods and by using Conditional Access policies, with or without advanced Entra ID P2 Protection methods.

Detect
Which options you have for detecting this kind of attack, when you are unable to automatically protect against this attack.

Respond
What can we do after we have detected that the attack took place, some useful tips on how to mitigate the issue. 

As a bonus we unveil also $0 options to protect and detect for SMB and MSP, since we are Dutch :)

After this session you will have enough information to stop this attack and some food for thought to make a more sophisticated layering of defense strategies.