Automatic Attack Disruption with OAuth Protection
Description
Summary
In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the intricacies of Microsoft's Automatic Attack Disruption feature, particularly focusing on its integration with OAuth protection. They discuss the risks associated with OAuth applications, the importance of signal correlation in detecting and mitigating attacks, and the capabilities of Microsoft's Defender XDR platform. The conversation highlights the need for organizations to configure their security settings effectively and the future direction of security practices towards a 'secure by default' approach.
----------------------------------------------------
YouTube Video Link: https://youtu.be/zLj5b8JFH2s
----------------------------------------------------
Documentation:
https://techcommunity.microsoft.com/blog/microsoftthreatprotectionblog/defending-against-oauth-based-attacks-with-automatic-attack-disruption/4384381
https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/configure-user-consent?pivots=portal
https://learn.microsoft.com/en-us/graph/permissions-reference
https://learn.microsoft.com/en-us/defender-xdr/configure-attack-disruption
----------------------------------------------------
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube:
https://www.youtube.com/c/BlueSecurityPodcast
-----------------------------------------------------------
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
----------------------------------------------------
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
United States
