Varonis announces strategic partnership with Microsoft to accelerate the secure adoption of Copilot.

Learn more

Threat Update 37 – Is SSO the new (h)Active Directory?

As organizations continue moving to cloud services at a breakneck pace, the adoption of SSO solutions has been a safe and effective way for IT teams to enable and control…
Kilian Englert
1 min read
Published May 6, 2021
Last updated February 22, 2022

As organizations continue moving to cloud services at a breakneck pace, the adoption of SSO solutions has been a safe and effective way for IT teams to enable and control access to the myriad of cloud apps. However, there could be a dark side to this consolidation that IT and security need to be mindful of. If an attacker were able to obtain a user’s credentials without MFA in place, or worse, compromise a machine that was fully authenticated to the SSO solution, this could open up many more avenues for an attacker to find and steal data or launch additional attacks.

Join Kilian Englert and Ryan O’Boyle from the Varonis Incident Response team as they talk through this potential attack vector and discuss ways that IT and Security could put controls in place to monitor their SSO environment.

Article mentioned in this video: Tech Republic: How poor password habits put your organization at risk

To learn how else we can help, please visit us at:https://www.varonis.com/support

Varonis customers also get access to great educational content to help support them on their journey: https://www.varonis.com/how-to-videos/

What you should do now

Below are three ways we can help you begin your journey to reducing data risk at your company:

  1. Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
  2. Download our free report and learn the risks associated with SaaS data exposure.
  3. Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Reddit, or Facebook.

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.

Keep reading

Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

threat-update-23---bypassing-endpoint-controls-using-office-macros
Threat Update 23 - Bypassing Endpoint Controls Using Office Macros
So many attacks start with a simple booby-trapped document that runs malicious code. Crafty attackers can even customize the payload to bypass endpoint controls! Don’t believe us? Check out this...
threat-update-48---using-google-to-spot-exposed-data-in-the-cloud
Threat Update 48 - Using Google to Spot Exposed Data in the Cloud
Cloud data stores like Box and Google Workspace make sharing and collaborating easy and convenient. However, there can be hidden risks.
threat-update-28-–-re-ryuk’ed-&-exchange-zero-day
Threat Update 28 – Re-Ryuk’ed & Exchange Zero-Day
Is it too soon for a 2020 throwback? The Ryuk ransomware gang certainly doesn’t think so! It looks like one of the premiere ransomware-as-a-service groups was not content to rest on their laurels, and it appears they’ve added self-spreading capabilities.
how-to-configure-varonis-and-emc-isilon
How to Configure Varonis and EMC Isilon
Customers of EMC’s popular Isilon storage platform have been clamoring for sophisticated controls around their sensitive, regulated content—e.g., SOX, PCI, intellectual property, etc.  Varonis is the perfect fit.  With our...