Law firm Lydian takes pioneering cybersecurity role

Law firm Lydian takes pioneering cybersecurity role

Lydian takes cybersecurity extremely seriously – both because of strict regulations and at the request of its customers. The company wants to take on a pioneering role that matches its tech-savvy ambitions.

Read more

How to bypass MFA in Azure and O365: part 3

How to bypass MFA in Azure and O365: part 3

This is the third and last part of our series about how to bypass MFA in Azure and O365. In this article, we share our advice on how you defend your organization against the attacks we described in parts 1 and 2.

Read more

Authentication context: what, why and when?

Authentication context: what, why and when?

Conditional Access authentication context is currently in public preview. It is a Zero Trust control plane that allows you to apply different access policies within all apps. Why, when, how do we use it?

Read more

Pen-testing in Microsoft Azure

Pen-testing in Microsoft Azure

Pen-testing is not incredibly complex, but doing it with respect for the rules of engagement, state rules, etc. can be very challenging.

Read more

How to bypass MFA in Azure and O365: part 2

How to bypass MFA in Azure and O365: part 2

In the first part of this series about how to bypass MFA in Azure and O365, we discussed how SSO works and how an attacker can abuse this. In this second part, we elaborate on a more complex attack technique based on MFA in Azure and O365.

Read more

How to bypass MFA in Azure and O365: part 1

How to bypass MFA in Azure and O365: part 1

This is part one of three blog posts about bypassing MFA in Azure AD and Office 365. In this first part of three, we explain how the Single Sign On (SSO) works and how an attacker might abuse this.

Read more

Why third party application patching is essential

Why third party application patching is essential

In this blog post, we explain why third party application patching is essential and how we approach this topic at SecWise. Are you looking to implement a similar framework or do you need help with getting started? Do not hesitate to reach out without any obligation.

Read more

Moving away from WIP towards Endpoint DLP

Moving away from WIP towards Endpoint DLP

In this blog we want to share some insights on Endpoint DLP and what the advantages are regarding Windows Information Protection (WIP). When it comes to protection of data on Windows 10 endpoints, we used to look at WIP which allowed us to configure policies for enlightened apps.

Read more

CLOUD SECURITY POSTURE MANAGEMENT: AZURE SECURE SCORE

CLOUD SECURITY POSTURE MANAGEMENT: AZURE SECURE SCORE

Cloud Security Posture Management (CSPM) is the buzz-word these days although relatively new. It comes in different flavors, different tools, all depending on your security needs. CSPM enables you to avoid misconfigurations that can potentially lead to data leakage(s).

Read more