Cloud authentication provides many advantages in business. It lets your users authenticate seamlessly between applications, it's cost-efficient and scalable, and it offers great security options. But as with anything that is good in this line of work, it has the potential to be abused.

One example of this is Open Authorization (OAuth) technology, an open-standard protocol designed to allow third-party applications to access user information without sharing the user’s credentials, such as passwords. It enables users to grant limited access to resources from one site to another without exposing login information.

When used for good, it allows users to make persistent connections. When used for evil, it can allow malicious actors to gain a foothold on a network, even an on-premises location.

  1. Set the filter to permission level “high severity” and community use to “not common”. Using this filter, you can focus on apps that are potentially very risky, where users may have underestimated the risk.
  2. Under Permissions, select all the options that are particularly risky in a specific context. For example, you can select all the filters that provide permission to email access, such as “Full access to all mailboxes”, and then review the list of apps to make sure that they all really need mail-related access. This can help you investigate within a specific context and find apps that seem legitimate but contain unnecessary permissions. These apps are more likely to be risky.
  3. Select the saved query “Apps authorized by external users”. Using this filter, you can find apps that might not be aligned with your company’s security standards.
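
The three review filters above can also be applied offline to an exported app inventory. The following is an added example, not code from the source article or from Microsoft; the record fields, the sample apps and the tenant domain are constructed assumptions, not a Defender export schema.

```python
# Added example: applies the three review filters to a constructed app inventory.
# Field names, sample records and TENANT_DOMAINS are hypothetical assumptions.
TENANT_DOMAINS = {"contoso.example"}  # assumption: your tenant's verified domains

APPS = [  # constructed sample inventory
    {"name": "PDF Helper", "permission_level": "high", "community_use": "uncommon",
     "scopes": ["Mail.ReadWrite", "offline_access"], "authorized_by": ["ana@contoso.example"]},
    {"name": "Calendar Sync", "permission_level": "medium", "community_use": "common",
     "scopes": ["Calendars.Read"], "authorized_by": ["vendor@partner.example"]},
    {"name": "Mail Archiver", "permission_level": "high", "community_use": "common",
     "scopes": ["full_access_as_app"], "authorized_by": ["admin@contoso.example"]},
    {"name": "Notes", "permission_level": "low", "community_use": "common",
     "scopes": ["User.Read"], "authorized_by": ["bo@contoso.example"]},
]

def high_severity_uncommon(app):
    """Filter 1: high-severity permission level and not in common use."""
    return (app["permission_level"].lower() == "high"
            and app["community_use"].lower() != "common")

def has_mail_access(app):
    """Filter 2: any mail-related scope, including full mailbox access."""
    return any(s.lower().startswith("mail.") or s.lower() == "full_access_as_app"
               for s in app["scopes"])

def authorized_by_external(app):
    """Filter 3: consent given by a guest (#EXT# UPN) or a non-tenant domain."""
    return any("#ext#" in u.lower()
               or u.rsplit("@", 1)[-1].lower() not in TENANT_DOMAINS
               for u in app["authorized_by"])

CHECKS = {
    "high severity, not common": high_severity_uncommon,
    "mail access": has_mail_access,
    "authorized by external user": authorized_by_external,
}

def triage(apps):
    """Return (app name, matched filters), apps matching the most filters first."""
    findings = []
    for app in apps:
        hits = [label for label, check in CHECKS.items() if check(app)]
        if hits:
            findings.append((app["name"], hits))
    return sorted(findings, key=lambda f: (-len(f[1]), f[0]))

if __name__ == "__main__":
    for name, hits in triage(APPS):
        print(f"{name}: {', '.join(hits)}")
```

Apps that match more than one filter sort to the top, which gives a review order for deciding whether each app really needs the access it holds.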


Source: https://www.csoonline.com/article/3833826/how-to-configure-oauth-in-microsoft-365-defender-and-keep-your-cloud-secure.html