Skip to content

AZT507.3 - External Entity Access: Domain Trust Modification#

An adversary may add an additional identity provider or domain to maintain a backdoor into the tenant.

Resource

AzureAD

Actions

  • N/A

Examples

Detections

Detection Details#

Monitor the 'Pass-through Authentication' page in the Azure portal. Azure AD Connect > Pass-through Authentication