Inside Out Security Blog   /  

Threat Update 37 – Is SSO the new (h)Active Directory?

Threat Update 37 – Is SSO the new (h)Active Directory?

As organizations continue moving to cloud services at a breakneck pace, the adoption of SSO solutions has been a safe and effective way for IT teams to enable and control access to the myriad of cloud apps. However, there could be a dark side to this consolidation that IT and security need to be mindful of. If an attacker were able to obtain a user’s credentials without MFA in place, or worse, compromise a machine that was fully authenticated to the SSO solution, this could open up many more avenues for an attacker to find and steal data or launch additional attacks.

Join Kilian Englert and Ryan O’Boyle from the Varonis Incident Response team as they talk through this potential attack vector and discuss ways that IT and Security could put controls in place to monitor their SSO environment.

Article mentioned in this video: Tech Republic: How poor password habits put your organization at risk

To learn how else we can help, please visit us at:

Varonis customers also get access to great educational content to help support them on their journey:

We're Varonis.

We've been keeping the world's most valuable data out of enemy hands since 2005 with our market-leading data security platform.

How it works