all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Compromising Identity Provider Federation

Add to bookmarks
c
Nov. 28, 2023, 8:03 p.m. |

Cloud Security Alliance cloudsecurityalliance.org

Originally published by CrowdStrike. CrowdStrike’s Incident Response team has seen a recent increase in cases involving adversaries that abuse identity provider federation to gain access to protected services by adding and authorizing rogue domains to federation. From these cases, patterns have emerged that indicate a common attack structure.Monitoring for identity provider abuse can be difficult, given that adversaries do so by leveraging legitimate cloud services, often using compromised ac...

abuse access adversaries attack cases crowdstrike domains federation identity identity provider incident incident response incident response team monitoring patterns response rogue services structure team

Visit resource

More from cloudsecurityalliance.org / Cloud Security Alliance

Cl
The Risk and Impact of Unauthorized Access to Enterprise Environments 2 days, 5 hours ago | cloudsecurityalliance.org
access advanced api api security +28
Cl
Automated Cloud Remediation – Empty Hype, Viable Strategy, or Something in Between? 2 days, 5 hours ago | cloudsecurityalliance.org
amp automated automation cloud +15
Cl
Cloud Security Alliance and SAFECode Release Sixth and Final White Paper in Its Six Pillars … 4 days, 11 hours ago | cloudsecurityalliance.org
alliance best practices certifications clear +19
Cl
Apple's New iMessage, Signal, and Post-Quantum Cryptography 4 days, 13 hours ago | cloudsecurityalliance.org
apple application attack computers +25
Cl
2024 State of SaaS Security Report Shows A Gap Between Security Team Confidence And Complexity … 4 days, 13 hours ago | cloudsecurityalliance.org
applications complexity data enterprise +18
Cl
Navigating Cloud Security Best Practices: A Strategic Guide 1 week, 2 days ago | cloudsecurityalliance.org
best practices blog cloud cloud computing +25
Cl
Building Trust Through Vendor Risk Management 1 week, 2 days ago | cloudsecurityalliance.org
advisory barr advisory building building trust +19
Cl
New SEC Rules: Material Incident Reporting Through Cybersecurity Disclosures 1 week, 3 days ago | cloudsecurityalliance.org
aim companies cybersecurity cybersecurity risks +22
Cl
A Risk-Based Approach to Vulnerability Management 1 week, 4 days ago | cloudsecurityalliance.org
armorcode attacks events impact +13

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

Information Security Engineers

@ D. E. Shaw Research | New York City
View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada
View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA
View on infosec-jobs.com

Senior - Penetration Tester

@ Deloitte | Madrid, España
View on infosec-jobs.com

Associate Cyber Incident Responder

@ Highmark Health | PA, Working at Home - Pennsylvania
View on infosec-jobs.com

Senior Insider Threat Analyst

@ IT Concepts Inc. | Woodlawn, Maryland, United States
View on infosec-jobs.com