all InfoSec news
O365 on a Pentesting device? Am I right to think that this is horrible practice?
Sept. 14, 2023, 9:09 a.m. | /u/MrExpendable_
cybersecurity www.reddit.com
Working at my company as a security engineer. I recently discovered that our pentesting team is deploying O365 to their pentesting laptops. These are normally segregated from our standard environment, but because they have registered in O365 they become visible in our Azure Defender for Endpoint tenant.
This seems like a dangerous practice to me. We did put in place MFA and Conditional Access policies for the accounts which have the licenses assigned to them. But I can't help …
azure cybersecurity defender device engineer environment hello laptops o365 pentesting practice security security engineer standard team visible working
More from www.reddit.com / cybersecurity
Jobs in InfoSec / Cybersecurity
Enterprise Security Architect
@ Proofpoint | Utah
Senior Incident Response and Digital Forensics Engineer
@ Danske Bank | Vilnius, Lithuania
SOC Analyst (Remote)
@ Bertelsmann | New York City, US, 10019
Risk Consulting - Protect Tech - Staff - IT Compliance - ISO-NIST-FISMA-PCI DSS and Privacy
@ EY | Bengaluru, KA, IN, 560016
Security Officer Warrenpoint Harbour
@ TSS | Newry, County Down, United Kingdom
Senior DevSecOps Engineer
@ Scientific Systems Company, Inc. | Burlington, Massachusetts, United States