She showed him the log: A single API call to the AVD management plane, executed with stolen credentials. The call changed the assignment of a developer’s Cloud PC from “User A” to “Attacker B.” Then, the attacker launched a new session. No brute force. No malware. Just a misconfigured Azure RBAC role.
Marta watched the logs live. The attacker had tried the same trick—a stolen token—but now, without a compliant, Intune-registered device, the session was stonewalled. securing cloud pcs and azure virtual desktop
The CISO read the log. “What’s the lesson for the board?” She showed him the log: A single API
