Automatic Attack Disruption with OAuth Protection
Blue Security8 Apr

Automatic Attack Disruption with OAuth Protection

Summary

In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the intricacies of Microsoft's Automatic Attack Disruption feature, particularly focusing on its integration with OAuth protection. They discuss the risks associated with OAuth applications, the importance of signal correlation in detecting and mitigating attacks, and the capabilities of Microsoft's Defender XDR platform. The conversation highlights the need for organizations to configure their security settings effectively and the future direction of security practices towards a 'secure by default' approach.

----------------------------------------------------

YouTube Video Link: ⁠⁠⁠https://youtu.be/zLj5b8JFH2s

----------------------------------------------------

Documentation:

https://techcommunity.microsoft.com/blog/microsoftthreatprotectionblog/defending-against-oauth-based-attacks-with-automatic-attack-disruption/4384381

https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/configure-user-consent?pivots=portal

https://learn.microsoft.com/en-us/graph/permissions-reference

https://learn.microsoft.com/en-us/defender-xdr/configure-attack-disruption

----------------------------------------------------

Contact Us:

Website: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://bluesecuritypod.com

Bluesky: https://bsky.app/profile/bluesecuritypod.com

LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/company/bluesecpod

YouTube:

⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.youtube.com/c/BlueSecurityPodcast

-----------------------------------------------------------

Andy Jaw

Bluesky: https://bsky.app/profile/ajawzero.com

LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/andyjaw/

Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠andy@bluesecuritypod.com⁠

----------------------------------------------------

Adam Brewer

Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajbrewer

LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/adamjbrewer/

Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠adam@bluesecuritypod.com

Avsnitt(269)

Protect your home network by the NSA

Protect your home network by the NSA

On this week's episode, Adam and Andy talk about the NSA's guidance on how to secure your home network. This may be basic for most cybersecurity pros but there's a lot of great information here that maybe even the most seasoned veterans of cybersecurity can still pick up a couple pointers. ------------------------------------------- Youtube Video Link: https://youtu.be/dsY3pmyXzVM ------------------------------------------- Documentation: https://media.defense.gov/2023/Feb/22/2003165170/-1/-1/0/CSI_BEST_PRACTICES_FOR_SECURING_YOUR_HOME_NETWORK.PDF https://twitter.com/racheltobac/status/1636481960221765632?s=46&t=wVpJpdH7u2mDZZDEtx3bMg------------------------------------------- Contact Us: Website: ⁠⁠https://bluesecuritypod.com⁠⁠ Twitter: ⁠⁠https://twitter.com/bluesecuritypod⁠⁠ Linkedin: ⁠⁠https://www.linkedin.com/company/bluesecpod⁠⁠ Youtube: ⁠⁠https://www.youtube.com/c/BlueSecurityPodcast⁠⁠ Twitch: ⁠⁠https://www.twitch.tv/bluesecuritypod⁠⁠ ------------------------------------------- Andy Jaw Mastodon: ⁠⁠https://infosec.exchange/@ajawzero⁠⁠ Twitter: ⁠⁠https://twitter.com/ajawzero⁠⁠ LinkedIn: ⁠⁠https://www.linkedin.com/in/andyjaw/⁠⁠ Email: ⁠⁠andy@bluesecuritypod.com⁠⁠ ------------------------------------------- Adam Brewer Twitter: ⁠⁠https://twitter.com/ajbrewer⁠⁠ LinkedIn: ⁠⁠https://www.linkedin.com/in/adamjbrewer/⁠⁠ Email: ⁠⁠adam@bluesecuritypod.com

27 Mars 202334min

White House National Cybersecurity Strategy

White House National Cybersecurity Strategy

On this week's episode, Adam and Andy talk about the new White House National Cybersecurity Strategy from the Biden-Harris administration. ------------------------------------------- Youtube Video Link: ⁠https://youtu.be/BxG155ryP5I ------------------------------------------- Documentation: https://www.whitehouse.gov/briefing-room/statements-releases/2023/03/02/fact-sheet-biden-harris-administration-announces-national-cybersecurity-strategy/ https://www.whitehouse.gov/wp-content/uploads/2023/03/National-Cybersecurity-Strategy-2023.pdf https://blogs.microsoft.com/on-the-issues/2023/03/09/national-cybersecurity-strategy-cyber-readiness/ ------------------------------------------- Contact Us: Website: ⁠https://bluesecuritypod.com⁠ Twitter: ⁠https://twitter.com/bluesecuritypod⁠ Linkedin: ⁠https://www.linkedin.com/company/bluesecpod⁠ Youtube: ⁠https://www.youtube.com/c/BlueSecurityPodcast⁠ Twitch: ⁠https://www.twitch.tv/bluesecuritypod⁠ ------------------------------------------- Andy Jaw Mastodon: ⁠https://infosec.exchange/@ajawzero⁠ Twitter: ⁠https://twitter.com/ajawzero⁠ LinkedIn: ⁠https://www.linkedin.com/in/andyjaw/⁠ Email: ⁠andy@bluesecuritypod.com⁠ ------------------------------------------- Adam Brewer Twitter: ⁠https://twitter.com/ajbrewer⁠ LinkedIn: ⁠https://www.linkedin.com/in/adamjbrewer/⁠ Email: ⁠adam@bluesecuritypod.com

20 Mars 202328min

Intune Suite

Intune Suite

On this week's episode, Adam and Andy talk about the new Intune Suite. This is a new offering from Microsoft that will help bolster the security and streamline device management. Listen in to hear about the different components like Remote Help, Endpoint Privilege Management, Advanced Endpoint Analytics, and more! ------------------------------------------- Youtube Video Link: https://youtu.be/2VSn2-0w1LQ ------------------------------------------- Documentation: https://www.microsoft.com/en-us/security/blog/2023/03/01/the-microsoft-intune-suite-fuels-cyber-safety-and-it-efficiency/ https://techcommunity.microsoft.com/t5/microsoft-intune-blog/enable-windows-standard-users-with-endpoint-privilege-management/ba-p/3755710 https://techcommunity.microsoft.com/t5/microsoft-intune-blog/remote-help-enhancements-speed-and-ease-secure-it-support/ba-p/3755686 https://techcommunity.microsoft.com/t5/microsoft-intune-blog/introducing-advanced-endpoint-analytics-with-microsoft-intune/ba-p/3755507 ------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Mastodon: https://infosec.exchange/@ajawzero Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

13 Mars 202318min

Lastpass Incident Update

Lastpass Incident Update

On this week's episode, Adam and Andy talk about the update to the Lastpass security incident. There are a lot of lessons to learn from the mistakes of Lastpass. Props to Lastpass on the disclosure of how the incidents unfolded. The hope is we can use this information to secure our own organizations. ------------------------------------------- Youtube Video Link: https://youtu.be/FHjDvLoZXno ------------------------------------------- Documentation: https://blog.lastpass.com/2023/03/security-incident-update-recommended-actions/ https://support.lastpass.com/help/incident-1-additional-details-of-the-attack https://support.lastpass.com/help/incident-2-additional-details-of-the-attack ------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Mastodon: https://infosec.exchange/@ajawzero Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

6 Mars 202335min

Road to the Cloud

Road to the Cloud

On this week's episode, Adam and Andy talk about the different states of transformation when going through your journey to reduce dependency on on-premise infrastructure and Active Directory by shifting to the cloud. ------------------------------------------- Youtube Video Link: https://youtu.be/44xEZCedbkI ------------------------------------------- Documentation: https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/road-to-the-cloud-introduction https://learn.microsoft.com/en-us/assessments/93dfb79b-71af-404d-897e-3928ecfb92b1/ ------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Mastodon: https://infosec.exchange/@ajawzero Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

27 Feb 202339min

Identity Trends

Identity Trends

On this week's episode, Adam and Andy talk through Alex Weinert's post about Identity Trends. Stay through the end to get your identity to-do list for this year! ------------------------------------------- Youtube Video Link: https://youtu.be/RkxqTcXhz1A ------------------------------------------- Documentation: http://www.microsoft.com/en-us/security/blog/2023/01/26/2023-identity-security-trends-and-solutions-from-microsoft/ ------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Mastodon: https://infosec.exchange/@ajawzero Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

20 Feb 202336min

Identity Governance and Administration

Identity Governance and Administration

On this week's episode, Adam and Andy talk about Identity Governance and Administration (IGA). They talk about what makes up a good IGA program and advice on some policies and procedures. They also talk about Azure AD Governance and Entra Permissions Management which are some great solutions for an IGA program. ------------------------------------------- Youtube Video Link: https://youtu.be/Gg-zFlhDOwc ------------------------------------------- Documentation: https://learn.microsoft.com/en-us/azure/active-directory/governance/identity-governance-overview ------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Mastodon: https://infosec.exchange/@ajawzero Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

13 Feb 202333min

ChatGPT

ChatGPT

On this week's episode, Adam and Andy talk about ChatGPT. This innovative AI based chatbot is stirring up a storm of news. They'll talk about what it is and some great use cases for infosec professionals. ------------------------------------------- Youtube Video Link: https://youtu.be/6Z7hkTkaTbc ------------------------------------------- Documentation: https://blogs.microsoft.com/blog/2023/01/23/microsoftandopenaiextendpartnership/ https://www.theverge.com/2023/2/3/23584675/microsoft-ai-bing-chatgpt-screenshots-leak https://beta.openai.com/docs/usage-policies/content-policy https://link.medium.com/Ija6ekPTLwb ------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Mastodon: https://infosec.exchange/@ajawzero Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

6 Feb 202326min

Populärt inom Teknik

uppgang-och-fall
rss-racevecka
elbilsveckan
bilar-med-sladd
market-makers
rss-badfluence
skogsforum-podcast
rss-uppgang-och-fall
rss-technokratin
natets-morka-sida
rss-elektrikerpodden
developers-mer-an-bara-kod
hej-bruksbil
rss-digitala-influencer-podden
rss-veckans-ai
har-vi-akt-till-mars-an
garagehang
solcellskollens-podcast
rss-laddstationen-med-elbilen-i-sverige
rss-snacka-om-ai