Cloud App Security - Call4Cloud

Honeypot: The Last Reconnaissance

September 17, 2021 rudyooms Comments 0 Comment

After reading this fantastic article on the Technet Community about the Attack Kill Chain, I realized I still needed to get this blog out. This blog will be about how you could set up some simple honeypot detections by creating some canary accounts to make sure you are protected against some insider threats. I am going to divide this blog into multiple parts: 1.Introduction 2.Honeypot document 3.Creating the document 4.Logging with alert policies 5.Logging with mcas policies 6.Results 1.Introduction Making…

Read More Read More

MCAS: Judgement Day

September 11, 2020 rudyooms Comments 0 Comment

This blog will be about how I broke my own Microsoft Cloud App Security instance. Cloud App Security is a fantastic product, it can help you discovering and protecting all that’s in your Microsoft 365 tenant. Some time ago I wrote an article on how to automate your Cloud App Security Enrollment. It can come in handy when you want to deploy all your custom made alerts to a new tenant. In the mean time I added a lot more…

Read More Read More

What Happened to Monitoring External Access to Your Data?

August 7, 2020 rudyooms Comments 0 Comment

Some time ago I wrote a blog about securing your data in which I described that this is only the first step in making sure your data is safe. For example, whilst working with Teams, did you think about the “shadow users”? These users are not members of your Teams / Microsoft 365 groups but can still somehow access your data. It’s very easy for an employee to share the whole Teams general folder within the Sharepoint site without you noticing. An employee just has to click on “share” to begin sharing it…

Read More Read More

Along came MCAS Automation

July 16, 2020 rudyooms Comments 3 comments

This blog will show you, how you could import your MCAS template with all your preconfigured rules into MCAS by using PowerShell. Tips and tricks are included at the end of this blog. How to best explain how MCAS works? Microsoft Cloud App Security is a Cloud Access Security Broker that supports various deployment modes including log collection, API connectors, and reverse proxy. It provides rich visibility, control over data travel, and sophisticated analytics to identify and combat cyber threats…

Read More Read More

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.