Learn How to Protect Against and Recover from Data Breaches in Office 365
Theresa Eller, Microsoft Premiere Field Engineer
sharepointmadam@anythingbutcode.onmicrosoft.com
Antonio Maio, Protiviti Senior Enterprise Architect & Microsoft MVP
Antonio.Maio@Protiviti.com
AGENDA
01 Common Attack Patterns
02 Types of Security Breaches
03 What Does a Security Breach Look Like
04 How to Investigate & Recover from an Attack
05 Protect from Future Attacks
COMMON ATTACK PATTERNS
• Phishing
• Password Spray
• Breach Replay
• 200K password spray attacks blocked in August 2018
• 23M high risk enterprise sign-in attempts detected in March 2018
• 4.6B attacker-driven sign-ins detected in May 2018
PHISHING & SPEAR PHISHING
• One of the Most Common Attack Vectors
• Targeted Attacks – They are formatted for you!
• Attackers do their research
• OSINT (open source intelligence)
PHISHING & SPEAR PHISHING
• Lots of examples…
▪ Someone has accessed your account
▪ Verify your account
▪ Renew your subscription
▪ iTunes Receipt
▪ Replies (subject starting with Re:) when you never received original
▪ Review your PayPay account
▪ Review this invoice
▪ Urgent action required…
CREDENTIAL STUFFING
• So Many Passwords!
• So many it's difficult for us to remember them all!
• Attackers will rely on human nature!
CREDENTIAL STUFFING: Re-using the Same Passwords Across Multiple Systems
ACCESSING CREDENTIALS & SAVING ON HOME PC
• Exposes Credentials to Home Users
• Exposes Credentials to Software that Home Users Download … like malware!
Types of Security Breaches
• Inadvertent or Accidental Data Leak
• Insider Threat
• External Threat
What Does a Security Breach Look Like
WHAT DOES A SECURITY BREACH LOOK LIKE?
• Email anomalies
• Emails from people/groups you don’t normally communicate with
• Notifications from banks and online services you don’t normally interact with
• Typos
• Urgent call to action
• Old contact information (old titles)
• Slow computer/Slow web access
External Threat
• Phishing
• Research/OSINT
• Only send to smaller partners (those less likely to have good security practices)
• partner4@trustedcompany.com
• Target specific executives within the organization that are likely to have access to financial information
Insider Threat
• The Industrious
• The Partisan
• The Spy
Inadvertent or Accidental Data Leak
• The Careless
• The Inexperienced
• The Lazy
• The Home Worker
• The Newcomer
• The Stressed
• The Disorganized
How to Investigate & Recover from an Attack
https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/concept-reporting-api
• Soon to be on by default on all new mailboxes
Protect from Future Attacks
Security features must be enabled to protect you
• >99% of common user compromises are preventable
• Most customers enable features after they’re compromised
• Average account secure score today is 14.65/180
Baseline Protection
Simple one-click experience enables our recommended security configuration and features
Baseline configuration
• For admins: MFA enabled for Azure AD privileged roles
• For all users: MFA enabled
• Enrolled in the Microsoft authenticator app for MFA
• Require MFA when sign-in risk is detected
• Block legacy authentication protocols
• Block logins from compromised users
threats
Microsoft Secure Score
Visibility into your Microsoft security position and how to improve it
• Insights into your security position
• Guidance to increase your security level
Identity Secure Score
Check out your Identity Secure Score now at aka.ms/MyIdentitySecureScore
• Insights into your security posture
• Guidance to help you secure your organization
CONDITIONAL ACCESS APP CONTROL
Microsoft Azure Active Directory
Analyze Session Risk
• Check device compliance with Intune
• Check location
• Check user behavior
• Check user organization
Enforce Relevant Policies with Conditional Access App Control
• Protect downloads from unmanaged devices with AIP
• Monitor and alert on actions when user activity is suspicious
• Enforce read-only mode in applications for partner (B2B) users
• Require MFA and define session timeouts for unfamiliar locations
BOX.US.CAS.MS
Cloud App Security integrates with:
• Azure Active Directory
• Azure Information Protection
• Microsoft Intune
to protect any app in your organization.
Unusual file share activity
Unusual file download
Unusual file deletion activity
Ransomware activity
Data exfiltration to unsanctioned apps
Activity by a terminated employee
Indicators of a compromised session
Malicious use of an end-user account
Malware implanted in cloud apps
Malicious OAuth application
Multiple failed login attempts to app
Suspicious inbox rules (delete, forward)
Threat delivery and persistence
Unusual impersonated activity
Unusual administrative activity
Unusual multiple delete VM activity
Malicious use of a privileged user
Activity from suspicious IP addresses
Activity from anonymous IP addresses
Activity from an infrequent country
Impossible travel between sessions
Logon attempt from a suspicious user agent
Brute force attempts
Suspicious groups membership modifications
Honey Token account suspicious activities
Suspicious VPN connection
Abnormal access to AIP protected data
Reconnaissance (65% of alert volume)
Compromised credentials (16% of alert volume)
Lateral movement (11% of alert volume)
Domain dominance (8% of alert volume)
Golden ticket attack
Skeleton Key
Remote code execution on DC
Service creation on DC
DCShadow
86%
38%
10%
12%
Directory services
DNS
Account enumeration
SMB session enumeration
Impacted organizations: recon attacks
Pass-the-Ticket
Pass-the-Hash
Overpass-the-Hash
MFA reduces the risk of an attack by 99.9%
Have you turned on MFA?
[Diagram labels]
Corporate Network; Geo-location; MacOS, Android, iOS, Windows; Windows Defender ATP; Client apps; Browser apps; Google ID, MSA, Azure AD, ADFS
Conditions: Employee & Partner Users and Roles; Trusted & Compliant Devices; Location; Client apps & Auth Method
Microsoft Cloud App Security
Controls: Force password reset; Require MFA; Allow/block access; Terms of Use; Limited access
Machine learning; Policies; Real time Evaluation Engine; Session Risk; 40TB; Effective policy
https://docs.microsoft.com/en-us/office365/securitycompliance/attack-simulator
• Enable MFA for your Admin Accounts or, even better, use PIM
1.7% admins protected by MFA
• Monitor your Risk Reports
• Use Identity Secure Score
• Test passwordless sign-in with Microsoft Authenticator
• Turn on Password Hash Sync
• Pull Azure AD Logs into your SIEM systems
• Block Legacy Auth
• Modernize your password policy
• Block Suspicious IPs
• Enable user risk policy
• Enable sign-in risk policy
• Review app permissions & use MCAS
Thank you!
 
Intro to Develop and Deploy Apps for Microsoft SharePoint and Office 2013
Intro to Develop and Deploy Apps for Microsoft SharePoint and Office 2013Intro to Develop and Deploy Apps for Microsoft SharePoint and Office 2013
Intro to Develop and Deploy Apps for Microsoft SharePoint and Office 2013
 
SharePoint Governance: Impacts of Moving to the Cloud
SharePoint Governance: Impacts of Moving to the CloudSharePoint Governance: Impacts of Moving to the Cloud
SharePoint Governance: Impacts of Moving to the Cloud
 

Último

introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfVishalKumarJha10
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsArshad QA
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsAndolasoft Inc
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesVictorSzoltysek
 
Exploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdfExploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdfproinshot.com
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerThousandEyes
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...harshavardhanraghave
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems -The Print[A] Example- A Comprehension AidDirect Style Effect Systems -The Print[A] Example- A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension AidPhilip Schwarz
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...Health
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...ICS
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...panagenda
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 

Último (20)

introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdfintroduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
introduction-to-automotive Andoid os-csimmonds-ndctechtown-2021.pdf
 
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICECHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
CHEAP Call Girls in Pushp Vihar (-DELHI )🔝 9953056974🔝(=)/CALL GIRLS SERVICE
 
Software Quality Assurance Interview Questions
Software Quality Assurance Interview QuestionsSoftware Quality Assurance Interview Questions
Software Quality Assurance Interview Questions
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
How To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.jsHow To Use Server-Side Rendering with Nuxt.js
How To Use Server-Side Rendering with Nuxt.js
 
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM TechniquesAI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
AI Mastery 201: Elevating Your Workflow with Advanced LLM Techniques
 
Exploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdfExploring the Best Video Editing App.pdf
Exploring the Best Video Editing App.pdf
 
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected WorkerHow To Troubleshoot Collaboration Apps for the Modern Connected Worker
How To Troubleshoot Collaboration Apps for the Modern Connected Worker
 
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
Reassessing the Bedrock of Clinical Function Models: An Examination of Large ...
 
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
Direct Style Effect Systems -The Print[A] Example- A Comprehension AidDirect Style Effect Systems -The Print[A] Example- A Comprehension Aid
Direct Style Effect Systems - The Print[A] Example - A Comprehension Aid
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
+971565801893>>SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHAB...
 
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
The Real-World Challenges of Medical Device Cybersecurity- Mitigating Vulnera...
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
W01_panagenda_Navigating-the-Future-with-The-Hitchhikers-Guide-to-Notes-and-D...
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
Microsoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdfMicrosoft AI Transformation Partner Playbook.pdf
Microsoft AI Transformation Partner Playbook.pdf
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 

Learn how to protect against and recover from data breaches in Office 365

  • 1. Learn How to Protect Against and Recover from Data Breaches in Office 365 Theresa Eller, Microsoft Premiere Field Engineer sharepointmadam@anythingbutcode.onmicrosoft.com Antonio Maio, Protiviti Senior Enterprise Architect & Microsoft MVP Antonio.Maio@Protiviti.com
  • 4. AGENDA 01 Common Attack Patterns 02 Types of Security Breaches 03 What Does a Security Breach Look Like 04 How to Investigate & Recover from an Attack 05 Protect from Future Attacks
  • 6. Phishing • Password Spray • Breach Replay • 200K password spray attacks blocked in August 2018 • 23M high risk enterprise sign-in attempts detected in March 2018 • 4.6B attacker-driven sign-ins detected in May 2018
  • 7. PHISHING & SPEAR PHISHING • One of the Most Common Attack Vectors • Targeted Attacks – They are formatted for you! • Attackers do their research • OS-INT (open source intelligence)
  • 8. PHISHING & SPEAR PHISHING • Lots of examples… ▪ Someone has accessed your account ▪ Verify your account ▪ Renew your subscription ▪ iTunes Receipt ▪ Replies (subject starting with Re:) when you never received original ▪ Review your PayPay account ▪ Review this invoice ▪ Urgent action required…
  • 9. CREDENTIAL STUFFING • So Many Passwords! • So many it's difficult for us to remember them all! • Attackers will rely on human nature! CREDENTIAL STUFFING: Re-using the Same Passwords Across Multiple Systems
  • 10. ACCESSING CREDENTIALS & SAVING ON HOME PC • Exposes Credentials to Home Users • Exposes Credentials to Software that Home Users Download … like malware!
  • 11. Types of Security Breaches
  • 14. What Does a Security Breach Look Like
  • 15. WHAT DOES A SECURITY BREACH LOOK LIKE? • Email anomalies • Emails from people/groups you don’t normally communicate with • Notifications from banks and online services you don’t normally interact with • Typos • Urgent call to action • Old contact information (old titles) • Slow computer/Slow web access
  • 17. External Threat • Phishing • Research/OS-Int • Only send to smaller partners (those less likely to have good security practices)
  • 18. External Threat • Phishing • Only send to smaller partners (those less likely to have good security practices) • partner4@trustedcompany.com
  • 19. External Threat • Phishing • Target specific executives within the organization that are likely to have access to financial information
  • 22. Inadvertent or Accidental Data Leak • The Careless • The Inexperienced • The Lazy • The Home Worker • The Newcomer • The Stressed • The Disorganized
  • 23. How to Investigate & Recover from an Attack
  • 27. • Soon to be on by default on all new mailboxes
  • 37. Security features must be enabled to protect you • >99% of common user compromises are preventable • Most customers enable features after they’re compromised • Average account secure score today is 14.65/180 • Baseline Protection • Simple one-click experience enables our recommended security configuration and features • Baseline configuration • For admins • MFA enabled for Azure AD privileged roles • For all users • MFA enabled • Enrolled in the Microsoft authenticator app for MFA • Require MFA when sign-in risk is detected • Block legacy authentication protocols • Block logins from compromised users
  • 39. Microsoft Secure Score • Visibility into your Microsoft security position and how to improve it • Insights into your security position • Guidance to increase your security level
  • 41. Identity Secure Score • Check out your Identity Secure Score now at aka.ms/MyIdentitySecureScore • Insights into your security posture • Guidance to help you secure your organization
  • 42. CONDITIONAL ACCESS APP CONTROL • Microsoft Azure Active Directory • Analyze Session Risk • Check device compliance with Intune • Check location • Check user behavior • Check user organization • Enforce Relevant Policies with Conditional Access App Control • Protect downloads from unmanaged devices with AIP • Monitor and alert on actions when user activity is suspicious • Enforce read-only mode in applications for partner (B2B) users • Require MFA and define session timeouts for unfamiliar locations • BOX.US.CAS.MS • Cloud App Security integrates with: • Azure Active Directory • Azure Information Protection • Microsoft Intune to protect any app in your organization.
  • 43. Unusual file share activity • Unusual file download • Unusual file deletion activity • Ransomware activity • Data exfiltration to unsanctioned apps • Activity by a terminated employee • Indicators of a compromised session • Malicious use of an end-user account • Malware implanted in cloud apps • Malicious OAuth application • Multiple failed login attempts to app • Suspicious inbox rules (delete, forward) • Threat delivery and persistence • Unusual impersonated activity • Unusual administrative activity • Unusual multiple delete VM activity • Malicious use of a privileged user • Activity from suspicious IP addresses • Activity from anonymous IP addresses • Activity from an infrequent country • Impossible travel between sessions • Logon attempt from a suspicious user agent
  • 44. Brute force attempts • Suspicious groups membership modifications • Honey Token account suspicious activities • Suspicious VPN connection • Abnormal access to AIP protected data • Reconnaissance (65% of alert volume) • Compromised credentials (16% of alert volume) • Lateral movement (11% of alert volume) • Domain dominance (8% of alert volume) • Golden ticket attack • Skeleton Key • Remote code execution on DC • Service creation on DC • DCShadow • 86% 38% 10% 12% • Directory services • DNS • Account enumeration • SMB session enumeration • Impacted organizations: recon attacks • Pass-the-Ticket • Pass-the-Hash • Overpass-the-Hash
  • 46. MFA reduces the risk of an attack by 99.9% Have you turned on MFA?
  • 47. Corporate Network • Geo-location • MacOS • Android • iOS • Windows • Windows Defender ATP • Client apps • Browser apps • Google ID • MSA • Azure AD • ADFS • Employee & Partner Users and Roles • Trusted & Compliant Devices • Location • Client apps & Auth Method • Conditions • Microsoft Cloud App Security • Force password reset • Require MFA • Allow/block access • Terms of Use • Limited access • Controls • Machine learning • Policies • Real time Evaluation Engine • Session Risk 3 • 40TB • Effective policy
  • 49. • Enable MFA for your Admin Accounts or, even better, use PIM • 1.7% admins protected by MFA • Monitor your Risk Reports • Use Identity Secure Score • Test passwordless sign-in with Microsoft Authenticator • Turn on Password Hash Sync • Pull Azure AD Logs into your SIEM systems • Block Legacy Auth • Modernize your password policy • Block Suspicious IPs • Enable user risk policy • Enable sign-in risk policy • Review app permissions & use MCAS
  • 50. Thank you! Theresa Eller, Microsoft Premiere Field Engineer sharepointmadam@anythingbutcode.onmicrosoft.com Antonio Maio, Protiviti Senior Enterprise Architect & Microsoft MVP Antonio.Maio@Protiviti.com
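
Slide 49 recommends pulling Azure AD logs into a SIEM and blocking legacy auth, and slide 6 names password spray as a common pattern; the triage below applies both to exported sign-in records. It is an added example, not part of the slide deck: the records are constructed, and the thresholds, the `LEGACY_CLIENTS` subset and the function names are assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Partial set of clientAppUsed values that mean legacy (basic) authentication.
# Assumption: extend it to match the values seen in your own tenant's logs.
LEGACY_CLIENTS = {"IMAP4", "POP3", "Authenticated SMTP",
                  "Exchange ActiveSync", "Other clients"}

def _rec(ts, upn, ip, app, code):
    """Build one constructed record using Microsoft Graph signIn field names."""
    return {"createdDateTime": ts, "userPrincipalName": upn, "ipAddress": ip,
            "clientAppUsed": app, "status": {"errorCode": code}}

# Constructed sample: six failures (50126, invalid credentials) from one IP
# against six accounts, one user mistyping a password, two successful sign-ins.
SAMPLE = [_rec(f"2024-01-15T09:0{i}:00Z", f"user{i}@contoso.example",
               "203.0.113.7", "Other clients", 50126) for i in range(6)]
SAMPLE += [_rec(f"2024-01-15T10:0{i}:00Z", "dave@contoso.example",
                "198.51.100.20", "Browser", 50126) for i in range(3)]
SAMPLE += [_rec("2024-01-15T11:00:00Z", "alice@contoso.example",
                "198.51.100.5", "IMAP4", 0),
           _rec("2024-01-15T11:05:00Z", "bob@contoso.example",
                "198.51.100.6", "Browser", 0)]

def _ts(value):
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ")

def spray_sources(records, min_users=5, window=timedelta(minutes=30)):
    """Return {ip: distinct accounts} for IPs whose failed sign-ins hit at
    least min_users different accounts inside one sliding time window."""
    failures = defaultdict(list)
    for r in records:
        if r["status"]["errorCode"] != 0:           # 0 means success
            failures[r["ipAddress"]].append(
                (_ts(r["createdDateTime"]), r["userPrincipalName"].lower()))
    hits = {}
    for ip, events in failures.items():
        events.sort()
        start = 0
        for end in range(len(events)):
            while events[end][0] - events[start][0] > window:
                start += 1                          # drop events older than window
            users = {u for _, u in events[start:end + 1]}
            if len(users) >= min_users:
                hits[ip] = max(hits.get(ip, 0), len(users))
    return hits

def legacy_auth_users(records):
    """Return {user: [protocols]} for successful legacy-auth sign-ins, i.e. the
    accounts that would lose access once legacy authentication is blocked."""
    found = defaultdict(set)
    for r in records:
        if r["status"]["errorCode"] == 0 and r["clientAppUsed"] in LEGACY_CLIENTS:
            found[r["userPrincipalName"].lower()].add(r["clientAppUsed"])
    return {user: sorted(apps) for user, apps in found.items()}

if __name__ == "__main__":
    print("possible password spray:", spray_sources(SAMPLE))
    print("still using legacy auth:", legacy_auth_users(SAMPLE))
```

Repeated failures against a single account, like the three from `dave@contoso.example`, are not reported as spray, because the check counts distinct accounts per source IP rather than raw failures.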