How to bypass MFA in Azure and O365: part 1

How to bypass MFA in Azure and O365: part 1

This is part one of three blog posts about bypassing MFA in Azure AD and Office 365. In this first part of three, we explain how the Single Sign On (SSO) works and how an attacker might abuse this.

Read more

Why third party application patching is essential

Why third party application patching is essential

In this blog post, we explain why third party application patching is essential and how we approach this topic at SecWise. Are you looking to implement a similar framework or do you need help with getting started? Do not hesitate to reach out without any obligation.

Read more

Moving away from WIP towards Endpoint DLP

Moving away from WIP towards Endpoint DLP

In this blog we want to share some insights on Endpoint DLP and what the advantages are regarding Windows Information Protection (WIP). When it comes to protection of data on Windows 10 endpoints, we used to look at WIP which allowed us to configure policies for enlightened apps.

Read more

CLOUD SECURITY POSTURE MANAGEMENT: AZURE SECURE SCORE

CLOUD SECURITY POSTURE MANAGEMENT: AZURE SECURE SCORE

Cloud Security Posture Management (CSPM) is the buzz-word these days although relatively new. It comes in different flavors, different tools, all depending on your security needs. CSPM enables you to avoid misconfigurations that can potentially lead to data leakage(s).

Read more

SecWise secures FIT’s cyber-doors to prevent attacks

SecWise secures FIT’s cyber-doors to prevent attacks

In 2015, Flanders Investment & Trade launched an IT strategy to systematically switch to the cloud. At the same time, in addition to traditional centralized perimeter security control, attention also had to be paid to decentralized cyber security. After conducting various security audits and evaluating several security applications, FIT opted for the Microsoft 365 Defender suite.

Read more

GO! gains the equivalent of half an FTE with new Microsoft security application

GO! gains the equivalent of half an FTE with new Microsoft security application

Eighteen months ago, GO! – the Department of Education for the Flemish Community – became the victim of several digital hacking attempts, with software for virtual desktops targeted in particular. For ICT manager Jan Buytaert, this wasn’t just the final straw to accelerate the migration to Microsoft Azure and Microsoft Office 365, it was also an added incentive to get a stronger grip on cyber security.

Read more

Remote working: cyber security risks and best practices

Remote working: cyber security risks and best practices

COVID-19 has impacted businesses and employees in various ways. One common fact is that we all tumbled into the sudden need to work remotely. But without the appropriate controls, new risks will unintentionally be introduced into your organization. Work remotely in a secure manner with our top 5 threat checks.

Read more

Keep control over your corporate data on users’ personal devices

Keep control over your corporate data on users’ personal devices

The management of personal devices isn’t always an easy sell within an organization – employees are often reluctant to have their personal device managed by their employer. Luckily, there is Microsoft Application Management (MAM), which helps companies secure corporate data on mobile devices.

Read more

Turn off Azure AD ‘Application consent by users’ now!

Turn off Azure AD ‘Application consent by users’ now!

SecWise has seen a growing number of attacks that rely on the application consent default configuration in Azure AD, which allows threat actors to get access to users’ data, mails and more. It is strongly advised to turn off this feature as soon as possible!

Read more