Showing Articles About
conditional access
-
Christian Philipov - 14 Apr 2026
It's Just a Matter of Time: Backdooring Conditional Access Policies
Conditional Access Policies are a core control in every modern Entra tenant to prevent access outside of expected access methods. A discovery was made on a little-known policy condition that would allow an administrator to define time-based restrictions on when a policy would be evaluated or not. In the event that a sufficiently privileged administrator user was compromised, this capability could allow threat actors to effectively "disable" policies while still seemingly being marked as enabled in the portal.