Breach at the Beach: Play the Ultimate Entra ID CTF
Breach at the Beach: Play the Ultimate Entra ID CTF
https://www.bleepingcomputer.com/news/security/breach-at-the-beach-play-the-ultimate-entra-id-ctf/
Publish Date: 2026-07-13 10:01:00
Source Domain: www.bleepingcomputer.com
Discover how Varonis Threat Labs created Breach at the Beach, a unique Entra ID training experience. Enhance your cybersecurity skills through hands-on learning with this CTF.
Cybersecurity can feel a lot like the ocean. A sense of calm on the surface, but likely something unknown is lurking underwater.
Varonis Threat Labs researchers Doron Kapah and Mark Vaitsman know this reality firsthand. Most of their days involve researching how threats exfiltrate sensitive data in cloud-native environments.
And knowing that AI has evolved identity management and how threats attack organizations, the duo wanted to create an Entra ID training experience that gave other security practitioners first-hand knowledge of what data exfiltration in Entra ID looks like on the frontlines. Thus, Breach at the Beach was born.
Pixel, Varonis’ threat-detecting cat, is on a beach vacation when she learns of a breach in Entra ID and switches to investigator mode. Players trace the threat actor’s steps through Pixel to uncover what sensitive data the attacker is after, hopefully stopping them before it is too late.
Continue reading to learn more about the real cases that inspired Breach at the Beach, how AI has evolved threat detection and amplified the need for hands-on education, and how you can earn CPE credits by completing Breach at the Beach.
Why Entra ID?
Entra ID isn’t just an identity provider; it’s the control plane for the entire enterprise. It connects users, applications, permissions, automation, and increasingly AI-powered workflows. The rise of non-human identities — AI agents, service principals, automated workflows — has changed what a compromise in Entra ID can look like.
“In today’s AI era, a lot of identities are non-human identities. f there is a compromise in Entra, a threat actor can pivot themselves into a non-human identity, and it can quickly turn into a stealthy and scalable data exfiltration attempt,” says Mark Vaitsman, Security Research…