Authentication context: what, why and when?
Conditional Access authentication context is currently in public preview. It is a Zero Trust control plane that allows you to apply different access policies within all apps. Why, when, how do we use it?
Conditional Access authentication context is currently in public preview. It is a Zero Trust control plane that allows you to apply different access policies within all apps. Why, when, how do we use it?
This is part three of three blog posts about bypassing MFA in Azure AD and Office 365. In this article, we share our advice on how you defend your organization against the attacks we described in parts 1 and 2.
This is part two of three blog posts about bypassing MFA in Azure AD and Office 365. In this second part, we elaborate on a more complex attack technique based on MFA in Azure and O365.
This is part one of three blog posts about bypassing MFA in Azure AD and Office 365. In this first part of three, we explain how the Single Sign On (SSO) works and how an attacker might abuse this.
SecWise has seen a growing number of attacks that rely on the application consent default configuration in Azure AD, which allows threat actors to get access to users’ data, mails and more. It is strongly advised to turn off this feature as soon as possible!
When talking to customers about Microsoft 365 security, we often kick off with reviewing the security of Azure Active Directory. Whether you are using O365 (E1 or E3), Intune (or any other product from the EMS Suite) or Azure IaaS and PaaS services, you already have Azure Active Directory! In this blogpost, we highlight the most important Azure AD features that you should be aware of.