Combatting Risky Sign-ins in Azure Active Directory

alexw@infosec.exchange find me!

Brilliant training on a critical feature

How cool is this?!

Why is everyone so excited about the new #azuread Authentication Strength feature in Conditional Access that was announced at Ignite last month? Here's are short thread about the feature. PS. There is a bonus if you read all the way to the end 😉👇

New EvilProxy Threat analytics report in M365D. EvilProxy is an adversary-in-the-middle (AiTM) phishing kit available as a new phishing-as-a-service (PhaaS). Microsoft released a new Threat analytic report in #M365D portal with the name; AiTM proliferation through EvilProxy

You can now search your #MicrosoftAuthenticator accounts on BOTH iOS and Android!! 🔔🎉 iOS rollout is in progress if you haven’t gotten it already!

https://t.co/NMvO2dq76c

When you do BYOD but need phish resistant auth - CBA on your unmanaged mobile devices:

Multifactor Authentication is one of the best ways to help protect against cyberattacks, but "MFA fatigue" is real. @CISAgov shares helpful guidance to implement phishing-resistant MFA including how to use Microsoft Authenticator.

Why is MFA over SMS/Voice not considered safe vs other MFA methods like TOTP & Authenticator apps? I'll break down a blog post by Microsoft's VP of Identity Security @Alex_T_Weinert on why he considers SMS to be the least secure of MFA methods. 👇

Don’t miss key a key update again – we’re automatically enabling critical security features to adapt to ever-changing threat vectors. See the new Microsoft Authenticator features now generally available! #MultifactorAuthentication #Passwordless

Simpler, more powerful Conditional Access policies using application tags:

Two great tastes that taste great together - Azure AD and Defender!

Huge congrats to the team on this one - end to end Identity Protection on prem to cloud, integrated into the Identity stack and for multi-pillar hunting - YES PLEASE! https://t.co/5ljFzbRAja @ravivtamir @idanplotnik @sarahhandler dream team!

User context, number matching, and more are GA in the Authenticator - fight (MFA) fatigue, turn on the features now!

Did you know that CA policies now provide granular control over the types of external users you want to apply the policy to? External users are categorized based on how they authenticate (internally or externally) and their relationship to your org (guest or member).

A good time to evaluate latest capabilities in #AzureAD #ConditionalAccess to improve your security baseline for privileged access: 💪 Authentication Strength to require WHfB/FIDO2 💻 Device Filters to enforce using secure admin devices 🏬 Policies for service providers (CSP)