In this session, you will learn about attacks against application identities, how to detect these attacks as well as how to recover and defend your application identities going forward against these emerging threats. Just like with user accounts, organizations will need to address application identities that are compromised whether through a compromised administrator, credentials-in-code, or a malicious application pretending to be legitimate. The basic attack vectors will be familiar to defenders but the process to detect, protect and recover are slightly different when dealing with an application instead of a person. Many organizations have been laser-focused on user account security to defend against the increase in password spray and phishing attacks, implementing measures such as MFA and even moving to passwordless authentication. As security for user accounts continues to improve, recent cyberattacks show that adversaries are turning their attention toward application identities. But do you know what risky behavior your application identities are up to and how to protect them? Check out our new channel: NDC Clips: @ndcclips Check out more of our featured speakers and talks at https://ndcconferences.com/ https://ndcoslo.com/