EPISODE · Apr 8, 2025 · 32 MIN
Automatic Attack Disruption with OAuth Protection
from Blue Security · host Andy Jaw & Adam Brewer
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the intricacies of Microsoft's Automatic Attack Disruption feature, particularly focusing on its integration with OAuth protection. They discuss the risks associated with OAuth applications, the importance of signal correlation in detecting and mitigating attacks, and the capabilities of Microsoft's Defender XDR platform. The conversation highlights the need for organizations to configure their security settings effectively and the future direction of security practices towards a 'secure by default' approach.----------------------------------------------------YouTube Video Link: https://youtu.be/zLj5b8JFH2s----------------------------------------------------Documentation:https://techcommunity.microsoft.com/blog/microsoftthreatprotectionblog/defending-against-oauth-based-attacks-with-automatic-attack-disruption/4384381https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/configure-user-consent?pivots=portalhttps://learn.microsoft.com/en-us/graph/permissions-referencehttps://learn.microsoft.com/en-us/defender-xdr/configure-attack-disruption----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube:https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
What this episode covers
SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer delve into the intricacies of Microsoft's Automatic Attack Disruption feature, particularly focusing on its integration with OAuth protection. They discuss the risks associated with OAuth applications, the importance of signal correlation in detecting and mitigating attacks, and the capabilities of Microsoft's Defender XDR platform. The conversation highlights the need for organizations to configure their security settings effectively and the future direction of security practices towards a 'secure by default' approach.----------------------------------------------------YouTube Video Link: https://youtu.be/zLj5b8JFH2s----------------------------------------------------Documentation:https://techcommunity.microsoft.com/blog/microsoftthreatprotectionblog/defending-against-oauth-based-attacks-with-automatic-attack-disruption/4384381https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/configure-user-consent?pivots=portalhttps://learn.microsoft.com/en-us/graph/permissions-referencehttps://learn.microsoft.com/en-us/defender-xdr/configure-attack-disruption----------------------------------------------------Contact Us:Website: https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: https://www.linkedin.com/company/bluesecpodYouTube:https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: https://www.linkedin.com/in/andyjaw/Email: [email protected]----------------------------------------------------Adam BrewerTwitter: https://twitter.com/ajbrewerLinkedIn: https://www.linkedin.com/in/adamjbrewer/Email: [email protected]
NOW PLAYING
Automatic Attack Disruption with OAuth Protection
No transcript for this episode yet