all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Compromising Identity Provider Federation

Add to bookmarks
c
Nov. 28, 2023, 8:03 p.m. |

Cloud Security Alliance cloudsecurityalliance.org

Originally published by CrowdStrike. CrowdStrike’s Incident Response team has seen a recent increase in cases involving adversaries that abuse identity provider federation to gain access to protected services by adding and authorizing rogue domains to federation. From these cases, patterns have emerged that indicate a common attack structure.Monitoring for identity provider abuse can be difficult, given that adversaries do so by leveraging legitimate cloud services, often using compromised ac...

abuse access adversaries attack cases crowdstrike domains federation identity identity provider incident incident response incident response team monitoring patterns response rogue services structure team

Visit resource

More from cloudsecurityalliance.org / Cloud Security Alliance

Cl
How DSPM Can Help Solve Healthcare Cybersecurity Attacks 5 days, 19 hours ago | cloudsecurityalliance.org
access access controls article attacks +41
Cl
Considerations When Including AI Implementations in Penetration Testing 5 days, 19 hours ago | cloudsecurityalliance.org
application artificial artificial intelligence ask +15
Cl
Five Reasons Why Ransomware Still Reigns 5 days, 19 hours ago | cloudsecurityalliance.org
ben ciso consent cxo +15
Cl
DevSecOps Tools 5 days, 20 hours ago | cloudsecurityalliance.org
code code management development devops +18
Cl
Your Ultimate Guide to Security Frameworks 1 week ago | cloudsecurityalliance.org
breaches build business customers +13
Cl
The Future of Cloud Cybersecurity 1 week ago | cloudsecurityalliance.org
businesses ceo cloud cloud computing +15
Cl
AI Hallucinations: The Emerging Market for Insuring Against Generative AI's Costly Blunders 1 week ago | cloudsecurityalliance.org
ai governance ai hallucinations blog chair +16
Cl
Why Business Risk Should be Your Guiding North Star for Remediation 1 week ago | cloudsecurityalliance.org
adoption agile attack attack surface +19
Cl
Upselling Cybersecurity: Why Baseline Security Features Shouldn’t Be a Commodity 1 week ago | cloudsecurityalliance.org
accountability advisory barr advisory consulting +23

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Security Engineer

@ Commit | San Francisco
View on infosec-jobs.com

Trainee (m/w/d) Security Engineering CTO Taskforce Team

@ CHECK24 | Berlin, Germany
View on infosec-jobs.com

Security Engineer

@ EY | Nicosia, CY, 1087
View on infosec-jobs.com

Information System Security Officer (ISSO) Level 3-COMM Job#455

@ Allen Integrated Solutions | Chantilly, Virginia, United States
View on infosec-jobs.com

Application Security Engineer

@ Wise | London, United Kingdom
View on infosec-jobs.com
View more jobs