Why Your Conditional Access Policies Are Failing [5 Major Pitfalls]

Поділитися
Вставка

КОМЕНТАРІ • 12

  • @eddiegerlach7121
    @eddiegerlach7121 4 місяці тому +2

    Another professional from the Entra ID group shared this video and I'm subbed! Excellent video! As an aspiring Cybersecurity Analyst, I appreciated the multi-layered approach to conditional access, especially where the principle of Least Privilege was illustrated. Also found the Conditional Access for Zero Trust Framework exciting, particularly where he addressed the multiple exclusions by naming conventions thru 'personas'. Thanks for sharing! 👍

  • @dangood8006
    @dangood8006 3 місяці тому +4

    Great content!
    For the "Consumer VPN" bypassing Trusted Locations, appears you need to have Apps deployed with CA App Control. Any chance you can expand on that in a video in terms of covering the M365 Apps as opposed to custom apps?

    • @rucam365
      @rucam365 4 дні тому

      Yes absolutely. Gonna do a few videos on Defender for Cloud Apps, so will include it then.

  • @MrArt954
    @MrArt954 4 місяці тому +2

    Amazing video. Very informative and captivating content.

  • @Sergio-Here-In-Community
    @Sergio-Here-In-Community 5 місяців тому +3

    Terrific video,
    That is a high level security for Conditional access.

    • @threatscape
      @threatscape  5 місяців тому +1

      Thanks Sergio! Glad you found it useful

  • @matthewlevy6759
    @matthewlevy6759 4 місяці тому +2

    Amazing video Ru. Just a question about the VPNs, are you saying consumer VPNs are not evaluated or considered in location based CA policies? And so, in your UK example, if a user from the UK was connected to a VPN to access streaming video from the USA for example, they wouldn't be blocked by the CA policy? Hence the MDA policy requirement. Or are you saying a bad actor can use a VPN to appear to come from Ireland for example, when they are in fact in the far east and without the MDA policy would be able to sign in?🤕

    • @rucam365
      @rucam365 4 місяці тому +2

      Hey Matt, it's the latter. For example, if I have a CA policy that only allows Irish IPs, CA will accept IPs of VPNs, data centres, VPSs, etc, as long as their IP matches Irish geo data. Using MDA, you can refine it by saying "also block if the category - not just location - of the IP is XYZ".

  • @ernie3878
    @ernie3878 5 місяців тому +2

    Really good video covering many common gaps

    • @threatscape
      @threatscape  5 місяців тому +2

      Glad it was helpful! Do let us know what you would like us to cover next.

    • @ernie3878
      @ernie3878 5 місяців тому +2

      @@threatscape Continuous Access evaluation (CAE) and Token protection please :)

  • @AnthGags333
    @AnthGags333 4 місяці тому +2

    What if- Literally saved my sanity