Player FM 앱으로 오프라인으로 전환하세요!
SaaS Exposed: Unmasking Cyber Risks in Cloud Integrations
Manage episode 412982150 series 3486243
Luke Jennings, VP of Research & Development at Push Security joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Luke explains his recent presentation on a new SaaS cyber kill chain, exploring how attackers might target modern organizations heavily reliant on cloud and SaaS services, even when traditional infrastructure is minimal. The latest kill chain involves developing attack techniques specific to this environment, covering topics like lateral movement without conventional network infrastructure and adapting known techniques such as password guessing attacks to the SaaS landscape. Luke, Wendy, and Nic discuss the complexities of SaaS security, the intricacies of evil twin integrations, detection challenges, mitigation strategies, and the overall impact of these security issues on organizations.
In This Episode You Will Learn:
- Identifying malicious activities and understanding normal application behavior
- The importance of having structured methodologies for approving SaaS app usage
- Challenges organizations face in detecting and preventing SaaS application threats
Some Questions We Ask:
- How can an organization create alerts for new, unknown SaaS app integrations?
- What happens when a SaaS app integration is duplicated by an attacker?
- Would having a structured methodology for SaaS app usage help minimize risk?
Resources:
View Luke Jennings on LinkedIn
View Nic Fillingham on LinkedIn
Related Microsoft Podcasts:
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Hosted on Acast. See acast.com/privacy for more information.
37 에피소드
Manage episode 412982150 series 3486243
Luke Jennings, VP of Research & Development at Push Security joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Luke explains his recent presentation on a new SaaS cyber kill chain, exploring how attackers might target modern organizations heavily reliant on cloud and SaaS services, even when traditional infrastructure is minimal. The latest kill chain involves developing attack techniques specific to this environment, covering topics like lateral movement without conventional network infrastructure and adapting known techniques such as password guessing attacks to the SaaS landscape. Luke, Wendy, and Nic discuss the complexities of SaaS security, the intricacies of evil twin integrations, detection challenges, mitigation strategies, and the overall impact of these security issues on organizations.
In This Episode You Will Learn:
- Identifying malicious activities and understanding normal application behavior
- The importance of having structured methodologies for approving SaaS app usage
- Challenges organizations face in detecting and preventing SaaS application threats
Some Questions We Ask:
- How can an organization create alerts for new, unknown SaaS app integrations?
- What happens when a SaaS app integration is duplicated by an attacker?
- Would having a structured methodology for SaaS app usage help minimize risk?
Resources:
View Luke Jennings on LinkedIn
View Nic Fillingham on LinkedIn
Related Microsoft Podcasts:
Discover and follow other Microsoft podcasts at microsoft.com/podcasts
Hosted on Acast. See acast.com/privacy for more information.
37 에피소드
Усі епізоди
×플레이어 FM에 오신것을 환영합니다!
플레이어 FM은 웹에서 고품질 팟캐스트를 검색하여 지금 바로 즐길 수 있도록 합니다. 최고의 팟캐스트 앱이며 Android, iPhone 및 웹에서도 작동합니다. 장치 간 구독 동기화를 위해 가입하세요.