Another professional from the Entra ID group shared this video and I'm subbed! Excellent video! As an aspiring Cybersecurity Analyst, I appreciated the multi-layered approach to conditional access, especially where the principle of Least Privilege was illustrated. Also found the Conditional Access for Zero Trust Framework exciting, particularly where he addressed the multiple exclusions by naming conventions thru 'personas'. Thanks for sharing! 👍
Great content! For the "Consumer VPN" bypassing Trusted Locations, appears you need to have Apps deployed with CA App Control. Any chance you can expand on that in a video in terms of covering the M365 Apps as opposed to custom apps?
Amazing video Ru. Just a question about the VPNs, are you saying consumer VPNs are not evaluated or considered in location based CA policies? And so, in your UK example, if a user from the UK was connected to a VPN to access streaming video from the USA for example, they wouldn't be blocked by the CA policy? Hence the MDA policy requirement. Or are you saying a bad actor can use a VPN to appear to come from Ireland for example, when they are in fact in the far east and without the MDA policy would be able to sign in?🤕
Hey Matt, it's the latter. For example, if I have a CA policy that only allows Irish IPs, CA will accept IPs of VPNs, data centres, VPSs, etc, as long as their IP matches Irish geo data. Using MDA, you can refine it by saying "also block if the category - not just location - of the IP is XYZ".
Another professional from the Entra ID group shared this video and I'm subbed! Excellent video! As an aspiring Cybersecurity Analyst, I appreciated the multi-layered approach to conditional access, especially where the principle of Least Privilege was illustrated. Also found the Conditional Access for Zero Trust Framework exciting, particularly where he addressed the multiple exclusions by naming conventions thru 'personas'. Thanks for sharing! 👍
Great content!
For the "Consumer VPN" bypassing Trusted Locations, appears you need to have Apps deployed with CA App Control. Any chance you can expand on that in a video in terms of covering the M365 Apps as opposed to custom apps?
Yes absolutely. Gonna do a few videos on Defender for Cloud Apps, so will include it then.
Amazing video. Very informative and captivating content.
Terrific video,
That is a high level security for Conditional access.
Thanks Sergio! Glad you found it useful
Amazing video Ru. Just a question about the VPNs, are you saying consumer VPNs are not evaluated or considered in location based CA policies? And so, in your UK example, if a user from the UK was connected to a VPN to access streaming video from the USA for example, they wouldn't be blocked by the CA policy? Hence the MDA policy requirement. Or are you saying a bad actor can use a VPN to appear to come from Ireland for example, when they are in fact in the far east and without the MDA policy would be able to sign in?🤕
Hey Matt, it's the latter. For example, if I have a CA policy that only allows Irish IPs, CA will accept IPs of VPNs, data centres, VPSs, etc, as long as their IP matches Irish geo data. Using MDA, you can refine it by saying "also block if the category - not just location - of the IP is XYZ".
Really good video covering many common gaps
Glad it was helpful! Do let us know what you would like us to cover next.
@@threatscape Continuous Access evaluation (CAE) and Token protection please :)
What if- Literally saved my sanity