Talks

On this page you’ll find recordings and slides from my conference talks. Enjoy!

Mobile device users: View horizontally 📟 to see all the columns.

2022

Date Conference Title Slides Recording
Nov 19 BSides Orlando Attacking Azure Active Directory Under-The-Radar Slides (31 pp.) Recording (stream) (46:30)
Oct 26 HäjySec October 2022 meetup Azure AD Open-Source Intelligence (OSINT) Slides (28 pp.) Recording (01:01:02)
Sep 28 ISF Finland Chapter Autumn Meeting How Researchers Defend Every Corner of Cyberspace Slides (22 pp.) N/A
Sep 24 RomHack 2022 Attacking Azure AD by abusing Synchronisation API: The story behind 40.000 USD in bug bounties Slides (43 pp.) Recording (31:07)
Sep 22 Cloud Identity Summit 2022 Azure AD Security Testing with AADInternals Slides (36 pp.) N/A
Sep 16 Prakticum Security Week Cybersecurity career - I did it my way Slides (21 pp.) N/A
Aug 12 DEF CON Cloud Village Making the most of Microsoft cloud bug bounty programs: How I made $65,000 USD in bounties in 2021 (after-recording). Slides (18 pp.) Recording (28:14)
Aug 10 BlackHat USA 2022 Arsenal Secureworks® Primary Refresh Token (PRT) viewer. Slides (11 pp.) Recording (24:24)
Jun 29 TROOPERS22 Eight ways to compromise AD FS certificates Slides (41 pp.) N/A
May 18 M365 Security & Compliance User Group UK Deep-dive to Azure AD Join 👇 Recording (59:01)
May 5 Global Azure 2022 Deep-dive to Azure AD Join Slides (14 pp.) Recording (1:08:05)
Apr 27 ICEIS2022 Exploring Azure Active Directory Attack Surface: Enumerating Authentication Methods with Open-Source Intelligence Tools. Slides (15 pp.)
Paper (6 pp.)
Recording (19:12)
Mar 23 Teams Nation 2022 Deep Regular dive to Teams Internal APIs. Slides (14 pp.) Recording (46:10)

2021

Date Conference Title Slides Recording
Nov 20 HTMD Conference 2021 Devices and Identities - The Foundation of Azure Active Directory Security. Slides (22 pp.) Recording (54:18)
Nov 11 Nordic Virtual Summit (2nd edition) Identities and Devices - The Foundation of Azure Active Directory Security. Slides (20 pp.) Recording (53:54)
Nov 11 Black Hat Europe. Arsenal AADInternals: The Swiss Army Knife for Azure AD & M365 Slides (12 pp.) Recording (39:03)
Sep 30 Cloud Identity Summit 2021 Microsoft Zero Trust security model - Silver bullet or just another chase for the unicorn? Slides (23 pp.) Recording (54:14)
Sep 17 PDCConf 2021 AADInternals: How did I built the ultimate Azure AD hacking tool from the scratch Slides (25 pp.) Recording (46:24)
Sep 16 Commsverse 2021 Abusing Teams privacy, security, and compliance Slides (18 pp.) Recording (36:59)
Aug 26 HelSec August Virtual Meetup Spoofing and Tampering with Azure AD Sign-ins log Slides (22 pp.) Recording (46:24)
Jun 11 Tonttu-koulutus (in Finnish) Solorigate / Sunburst hyökkäys, suojaus- ja varautumistoimet, sekä korjaustoimenpiteet (in Finnish) Slides (19 pp.) Recording (48:19)
May 5 Teams Nation 2021 Abusing Teams privacy, security, and compliance Slides (19 pp.) N/A
Feb 27 Scottish Summit 2021 Abusing Azure Active Directory: Who would you like to be today? Slides (48 pp.) Recording (53:42)
Jan 2 Nordic Virtual Summit Abusing Azure Active Directory: Who would you like to be today? Slides (47 pp.)
Dr Nestori Syynimaa (@DrAzureAD) avatar
About Dr Nestori Syynimaa (@DrAzureAD)
Dr Syynimaa works as Senior Principal Information Security Researcher at Secureworks CTU™ (Counter Threat Unit).
Before moving to his current position, Dr Syynimaa worked as a CIO, consultant, trainer, and university lecturer for over 20 years. He is a regular speaker in scientific and professional conferences related to Microsoft 365 and Azure AD security.

Dr Syynimaa is Microsoft Certified Expert (Microsoft 365), Microsoft Certified Azure Solutions Architect Expert, Microsoft Certified Trainer, Microsoft MVP (Enterprise Mobility, Identity and Access), and Microsoft Most Valuable Security Researcher (MVR).