Office 365 from a hacker’s perspective: real-life threats, tactics, and remedies
Ben Menesi
Office 365 environments are very attractive targets for attackers. So, it’s never been more important to understand how its security structure works, and how to best configure it. In this in-depth session, we’ll run through real-time attack scenarios and examine common attack vectors. And then we’ll explore the various defense capabilities of Office 365, the MS Graph API, and Azure AD. We’ll deep-dive into external sharing, authentication options, third-party application security (what apps should and shouldn’t be able to do), and even some do’s and don’ts regarding Azure AD endpoints and authorization mechanisms. You’ll walk away with a solid understanding of how to use the Office 365 defense tools at your disposal, such as the Attack Simulator and Threat Intelligence, as well as how they relate to real-world attacks.