Maor Abutbul of CyberArk Labs reveals how flaws in open-source identity providers allow attackers to bypass controls, leak keys and escalate privileges to full system ownership.
Open-source identity providers underpin authentication, authorization and trust across modern environments, yet weaknesses in their internal logic can expose entire organizations. Research into widely deployed platforms shows how race conditions, transactional gaps, and unsafe Object-Relational Mapping, or ORM, patterns undermine security guarantees, even in mature systems.
Using real-world flaws in Keycloak and Authentik as examples, enterprises must aim to understand how attackers abuse concurrency, information leakage and token manipulation to bypass controls, extract sensitive keys and escalate privileges to full system control.
In this session, led by Maor Abutbul, senior vulnerability researcher at CyberArk Labs, you will learn:
- How HTTP/2 concurrency enables race-condition exploitation;
- Private key exposure and its impact on trust boundaries;
- Token handling flaws that enable privilege escalation.
Here is the course outline:
Your Identity Is Mine: Techniques and Insights From OS Identity Providers Research
Completion
The following certificates are awarded when the course is completed:
CPE Credit Certificate
