Read as
Last updated: April 29, 2026
Why this module exists. Indian enterprises moved their identity to Microsoft 365 / Entra ID (formerly Azure AD) in waves between 2019 and 2024. Attackers followed. The 2023-25 surge in token-theft and consent-phishing attacks is now the dominant initial-access technique against Microsoft-shop enterprises.
Why this module exists. Indian enterprises moved their identity to Microsoft 365 / Entra ID (formerly Azure AD) in waves between 2019 and 2024. Attackers followed. The 2023-25 surge in token-theft and consent-phishing attacks is now the dominant initial-access technique against Microsoft-shop enterprises. Different concepts, different tools, different defenders.
How Entra ID is different from on-prem AD
- No Kerberos by default. Authentication is OAuth 2.0 / OIDC.
- No NT hashes at the protocol level. Authentication is via tokens, not hashes.
- Conditional Access replaces GPO for access policy.
- App registrations replace Kerberos service principals.
- Hybrid identity via Entra Connect / AAD Connect — passwords sync from on-prem AD to cloud.
Want this for your team?
Custom team training + practitioner advisory
Beyond the free academy — we run private workshops, vCISO advisory, and red-team exercises tailored to your stack. For Indian SMBs scaling past their first hire.
Book team training call
Replies in 4 working hrs · India-only · Senior consultants