SOC Modernization is a need of the hour. It was great participating in this important discussion with this esteemed panel.
Join us for our Exclusive Roundtable on “𝐒𝐎𝐂 𝐌𝐨𝐝𝐞𝐫𝐧𝐢𝐳𝐚𝐭𝐢𝐨𝐧” scheduled on 𝐅𝐫𝐢𝐝𝐚𝐲, 𝟐𝟓𝐭𝐡 𝐅𝐞𝐛𝐫𝐮𝐚𝐫𝐲 𝟐𝟎𝟐𝟐 𝐟𝐫𝐨𝐦 𝟎𝟑:𝟎𝟎 𝐏𝐌 𝐭𝐨 𝟎𝟒: 𝟎𝟎 𝐏𝐌 𝐈𝐒𝐓
Office 365 Advanced Threat Protection enables additional layer of protection against malicious URLs, Malicious Attachments and Phishing campaigns.
In my previous posts we talked about these configurations, please click on the hyperlinks below to see those posts.
1. Best practices in configuring Office 365 Safe Attachments
2. Best Practices in configuring Office 365 Safe Links.
Today we’ll take a look at anti phishing policies which can be configured in Office 365 for protection against
User Impersonation : User Impersonation configuration allows organization to list down their top executives like CEO, CFO, Directors etc and any emails coming with the exact same display name and going to users will be quarantined/delivered to Junk as per the configuration.
Domain Impersonation : Domain Impersonation configuration protects against emails coming with similar typosquatted domains like yours. For eg. your organizations domain is Contoso.com and attackers may send emails after registering similar looking domains like Cont0so.com, Contoso-inc.com etc.
Domain Spoofing : Domain spoofing configuration enables domain authentication like SPF, DKIM, DMARC to be enforced validating the origin of the emails as per the from address and block/quarantine/junk those emails which fails authentication.
I have created this video tutorial of Step by Step tutorial of the recommended configurations of Anti Phishing Policies in Office 365 Advanced Threat Protection.
Hope you like the videos, please do subscribe to the channel to be updated with future tutorials.
Cheers
Will be speaking at ET CIO Virtua Event on Cybersecurity myth busters. Please join.
ETCISO.in and Microsoft organized a one-day conclave to enable CISOs enhance their security stance in the era of flux and transformation. The conclave served as a platform for top CISOs and security experts to deliberate on the latest opportunities, challenges and trends in the enterprise cybersecurity space.
It was really speaking at this event on “ Top Security Myth busters” which was all about various myths within the security community and in organizations for their internal cyber security and compare them with things happening in reality. This session also had some demos on some of Microsoft’s investments in threat detection capabilities and remediation accross Email Security, Endpoint Security and Identity protection.
If you happened to attend this event in person, I really hope you liked it.
If you couldn’t attend it in person, the sessions were streamed LIVE and now available On-Demand below.
My Session starts at ~ 4:28:00
One of the major attack vector used by threat actors are sending emails with malicious URLs. These emails without any malicious attachments usually has luring text which encourages users to click on a link to take any action and then take them to a Phishing URL or a webpage with malicious content.
For E.g. the email below, which looks like it has come from Microsoft to users and asking users to click on a URL which would lead to
Office 365 Advanced Threat Protection enables Safe Link policy which protects users at the time of click by verifying the URL against threat intelligence for any phishing page or malicious content.
Please watch this video on how to configure Office 365 Safe Links with recommended configurations.
if you want to see a quick demo on how Office 365 Safe works, checkout the following video.
Security and End User Experience don’t often go hand in hand, the art is to find the right balance.
I often get asked how should I configure my Office 365 Advanced Threat Protection Safe Attachments policy to achieve maximum protection against modern day threats such as Zero Day Exploits, Macro Based trojans and other specially crafted malicious attachment.
In this video, we’ll go through some of the recommendations on configuring ATP Safe Attachment policy in Office 365.
I’ll be speaking at Digital Governance Tech Summit 2019, New Delhi on
Security considerations while moving to the cloud” – 1615 Hrs, 27th August 2019
In this session, learn about various security considerations organizations to make while moving to cloud, shared responsibilities between cloud provider and end customers.
If you happen to be participating in this conference, please do stop by and say hi.
There are other great sessions in this conference presented by elite Microsoft speakers and other industry veterans like Keynote by Ananth Maheshwari, President Microsoft India and Amitabh Kant, CEO, Niti Aayog, Govt of India.
You can find the list of entire list of sessions and tracks here
I look forward to have some of you in the session and discuss more on your secure cloud journey.
Cheers
Iftekhar