all InfoSec news
Directory.ReadWrite.All Is Not As Powerful As You Might Think
Feb. 12, 2024, 6:10 p.m. | MalBot
Malware Analysis, News and Indicators - Latest topics malware.news
Directory.ReadWrite.All is an MS Graph permission that is frequently cited as granting high amounts of privilege, even being equated to the Global Admin Entra ID role.
Why it matters
- Azure admins and security professionals may put undue focus on this permission at the expense of more impactful permissions
- Those more impactful permissions may go ignored, leaving potentially dangerous configurations in place
Yes, but…
- Directory.ReadWrite.All does grant some privileges, and those privileges can lead to dangerous attack paths depending on other …
admin azure directory entra entra id focus global graph high may permission permissions privilege professionals readwrite role security security professionals
More from malware.news / Malware Analysis, News and Indicators - Latest topics
Jobs in InfoSec / Cybersecurity
Social Engineer For Reverse Engineering Exploit Study
@ Independent study | Remote
Associate Manager, BPT Infrastructure & Ops (Security Engineer)
@ SC Johnson | PHL - Makati
Cybersecurity Analyst - Project Bound
@ NextEra Energy | Jupiter, FL, US, 33478
Lead Cyber Security Operations Center (SOC) Analyst
@ State Street | Quincy, Massachusetts
Junior Information Security Coordinator (Internship)
@ Garrison Technology | London, Waterloo, England, United Kingdom
Sr. Security Engineer
@ ScienceLogic | Reston, VA