TBISAO: Preparing M365 for Miscreants: Configuration, Secure Scoring, and Constant Iteration of Badness
This webinar will be in “tenant-demo” setting. Join Josh Mattes, SEI’s Head of M365, as he walks through use-cases and configurations employed in his role protecting SEI. Josh has his CISSP & CCSP designations, and is a Certified Microsoft Trainer. If your bank has at least ‘Business Premium’ licenses, these ideas will be applicable. If not, Josh may be able to help make the case for budget to do so.
When
About
The Microsoft Cloud has become frontline defense for the preferred delivery vector of miscreants: email. As the battle wages on, the bad guys have iterated and found more success; consider how many credential harvesting emails your bank receives.
Microsoft has iterated as well, but one almost needs to be a Microsoft expert to fully utilize the features.
Learning Objectives
- Common vulnerabilities and the tactics threat actors use against them, seen from both defender AND the threat actor side.
- An emphasis on credential harvesting and the recent iterations used against previously acceptable defenses.
- Example ‘man in the middle’ attacks that SEI has had to handle
- New attack tactics: MS Teams phishing; addressing external access controls
- Data exfiltration controls