Presentation transcript:

Microsoft Ignite 2016 1/18/2019 7:21 AM © 2016 Microsoft Corporation. All rights reserved. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

Anatomy of an attack: Defending yourself in the Office 365 Cloud
Brandon Koeller
Principal Program Manager Lead

Agenda
- Takeaways
- Attack stages
- Recon
- Initial breach
- Elevation of privilege
- Entrenchment
- Exfiltration
- Wrap-up

Takeaways
- How will an attacker try to get my data?
- What can I do to protect myself in the O365 Cloud?

Attack stages
- Recon
- Initial Breach
- Elevation of Privilege
- Entrenchment
- Exfiltration

Attack: Recon
- Who is my target?
- Is the target company in O365?
- What data am I looking to acquire?
- Which user account do I need to acquire?
- Demo: Maltego Teeth
- Demo: Google Dorking

Defend: Recon
- How do you prevent someone from discovering information about you and your company? You can’t.
- Think like an attacker and recon yourself!
- https://tools.kali.org/information-gathering/maltego-teeth, https://paterva.com/web7/buy/maltego-clients.php
- Google Dorking. https://www.exploit-db.com/google-hacking-database/

Attack: Initial breach
- Password spray
- Brute force
- Social engineering, phishing
- Password re-use
- Demo: Mailsniper password spray with guessed usernames

Defend: Initial breach
- Best defense is a good offense. Attack yourself.
- MFA
- Disabling Basic Auth
- Failed Logon Policies
- Phishing protections
- Demo: Threat Finder
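The two guessing patterns named on the attack slide look different in sign-in data, and a per-account failed-logon policy only sees one of them. The detector below is an added example, not part of the presentation: it groups failures by source inside a time window and separates a spray (many accounts, few tries each) from a brute force (one account, many tries). The event tuple layout, thresholds, addresses and account names are all constructed assumptions.

```python
from collections import Counter, defaultdict
from datetime import datetime, timedelta

def _t(s):
    return datetime.strptime(s, "%Y-%m-%dT%H:%M:%S")

# Constructed sign-in records (timestamp, source IP, account, outcome); not real log data.
# 203.0.113.7 tries six accounts twice each; 198.51.100.9 hammers a single account.
SAMPLE_EVENTS = (
    [(_t(f"2019-01-18T07:{m:02d}:00"), "203.0.113.7", f"user{m % 6}@contoso.example", "fail")
     for m in range(12)]
    + [(_t(f"2019-01-18T08:00:{s:02d}"), "198.51.100.9", "admin@contoso.example", "fail")
       for s in range(15)]
    + [(_t("2019-01-18T07:12:00"), "203.0.113.7", "user3@contoso.example", "success"),
       (_t("2019-01-18T09:00:00"), "192.0.2.44", "alice@contoso.example", "fail"),
       (_t("2019-01-18T09:00:20"), "192.0.2.44", "alice@contoso.example", "success")]
)

def classify_sources(events, window=timedelta(minutes=30), min_users=5,
                     max_per_user=3, brute_threshold=10):
    """Map source IP -> finding for sources whose failures fit a spray or brute-force shape."""
    fails, wins = defaultdict(list), defaultdict(set)
    for ts, ip, user, outcome in events:
        if outcome == "fail":
            fails[ip].append((ts, user))
        else:
            wins[ip].add(user)
    findings = {}
    for ip, rows in fails.items():
        rows.sort()
        for i, (start, _) in enumerate(rows):
            # Failures per account inside the window that opens at this event.
            per_user = Counter(u for ts, u in rows[i:] if ts - start <= window)
            if max(per_user.values()) >= brute_threshold:
                kind = "brute_force"
            elif len(per_user) >= min_users and max(per_user.values()) <= max_per_user:
                kind = "spray"  # each account stays under a typical lockout count
            else:
                continue
            # Simplification: any success from the same source on a targeted account
            # is reported, without checking that it came after the failures.
            findings[ip] = {"kind": kind, "targets": sorted(per_user),
                            "succeeded": sorted(wins[ip] & set(per_user))}
            break
    return findings
```

Accounts listed under `succeeded` for a spray source are the ones to treat as compromised first: reset credentials and review their mailbox rules and delegates.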

Attack: Elevation of privilege
- Enumerate directory
- Find admins
- Password spray until you win
- Demo: Directory enum, admin role enum, mailsniper password spray admins

Defend: Elevation of privilege
- MFA
- Least privilege
- Just in time access
- Alt accounts
- Demo: Monitoring admin activity

Attack: Entrenchment
- Creating alt accounts
- Impersonation
- Delegate permissions
- Demo: Injecting mail forwarding rules, delegates, impersonation, forms

Defend: Entrenchment
- Monitoring is the key.
- Prevent mail forwarding rules via secure score.
- Demo: Mail forwarding rules prevention via secure score
- Demo: Get-AllTenantRulesAndForms.ps1
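One way to monitor for the entrenchment changes listed on these two slides, as an added example that is not from the presentation and is not the Get-AllTenantRulesAndForms.ps1 script: scan exported audit records for forwarding to outside domains, full-access delegation and impersonation role grants. The record shape (UserId, Operation, ObjectId, Parameters as a Name/Value list) is an assumption modelled on Exchange admin audit entries, and the domains and accounts are constructed.

```python
INTERNAL_DOMAINS = {"contoso.example"}  # assumption: the tenant's accepted domains
FORWARD_PARAMS = {"ForwardTo", "ForwardAsAttachmentTo", "RedirectTo", "ForwardingSmtpAddress"}

def rec(user, op, obj, **params):
    """Build one record in the assumed audit shape (Parameters as a Name/Value list)."""
    return {"UserId": user, "Operation": op, "ObjectId": obj,
            "Parameters": [{"Name": k, "Value": v} for k, v in params.items()]}

# Constructed audit records for illustration; not real tenant data.
SAMPLE_AUDIT = [
    rec("bob@contoso.example", "New-InboxRule", "bob\\invoices",
        Name="invoices", ForwardTo="archive@mailbox.example"),
    rec("carol@contoso.example", "New-InboxRule", "carol\\team",
        Name="team", ForwardTo="teamlead@contoso.example"),
    rec("admin@contoso.example", "Set-Mailbox", "dave",
        ForwardingSmtpAddress="smtp:drop@mailbox.example"),
    rec("admin@contoso.example", "Add-MailboxPermission", "ceo@contoso.example",
        User="bob@contoso.example", AccessRights="FullAccess"),
    rec("admin@contoso.example", "New-ManagementRoleAssignment", "svc-sync-imp",
        Role="ApplicationImpersonation", User="svc-sync@contoso.example"),
]

def _external(addresses):
    """Return the addresses in a ';'-separated value whose domain is not internal."""
    out = []
    for a in addresses.lower().replace("smtp:", "").split(";"):
        a = a.strip()
        if "@" in a and a.rsplit("@", 1)[1] not in INTERNAL_DOMAINS:
            out.append(a)
    return out

def entrenchment_findings(records):
    """Return (actor, operation, detail) tuples for changes worth an analyst's review."""
    findings = []
    for r in records:
        params = {p["Name"]: p["Value"] for p in r.get("Parameters", [])}
        op, actor = r.get("Operation", ""), r.get("UserId", "")
        if op in ("New-InboxRule", "Set-InboxRule", "Set-Mailbox"):
            for name in sorted(FORWARD_PARAMS & params.keys()):
                for addr in _external(params[name]):
                    findings.append((actor, op, f"{name} -> {addr}"))
        elif op == "Add-MailboxPermission" and "FullAccess" in params.get("AccessRights", ""):
            findings.append((actor, op, f"FullAccess on {r.get('ObjectId')} for {params.get('User')}"))
        elif op == "New-ManagementRoleAssignment" and params.get("Role") == "ApplicationImpersonation":
            findings.append((actor, op, f"impersonation role for {params.get('User')}"))
    return findings
```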

Attack: Exfiltration
- Accounts are access
- Exfiltration mostly by smash and grab (after lengthy recon)
- Demo: Impersonation, global mail search via Mailsniper

Defend: Exfiltration
- Protect your highest sensitivity data with data classification, DLP, IRM, etc.
- Monitor for things like cross-mailbox search queries.
- Monitor for gateway mechanisms like impersonation.
- Demo: Cloud App Security

Wrap-up
- Data and visibility is key. Enable your audit data feed.
- Risks spread across hybrid and multi-cloud.
- Threat scenarios are generic, protections are specific.
- Cloud services still leave you with core security accountabilities.
- Plan, implement, test.
