Varonis announces strategic partnership with Microsoft to accelerate the secure adoption of Copilot.

Learn more
Blog Data Security

Threat Update 54 – SSO Imposter: Intrusion

Virtually every organization leveraging more than a few cloud offerings has a single sign-on solution to simplify the management of their various cloud apps. With a little careful planning, attackers…
Kilian Englert
1 min read
Last updated January 17, 2023

Contents

    Virtually every organization leveraging more than a few cloud offerings has a single sign-on solution to simplify the management of their various cloud apps. With a little careful planning, attackers can leverage some off-the-shelf attack tools to turn SSO against the business.

    Join Kilian Englert and Ryan O’Boyle from the Varonis Cloud Architecture team in part one of a three-part series covering how attackers can exploit SSO to infiltrate cloud repositories, find juicy accounts and data to target, and exfiltrate data.

    Watch more attack scenarios here: https://www.varonis.com/webinars/ To learn how else we can help, please visit us at: https://www.varonis.com/help/

    What you should do now

    Below are three ways we can help you begin your journey to reducing data risk at your company:

    1. Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
    2. Download our free report and learn the risks associated with SaaS data exposure.
    3. Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Reddit, or Facebook.
    Kilian Englert
    Kilian Englert Kilian has a background in enterprise security engineering, as well as security solution selling. Kilian is a Certified Information Systems Security Professional (CISSP) and creates internal and public content on topics related to cybersecurity and technology best practices.

    Try Varonis free.

    Get a detailed data risk report based on your company’s data.
    Deploys in minutes.
    Get started View sample

    Keep reading

    Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

    threat-update-36-–-a-supply-chain-attack-by-any-other-name
    Threat Update 36 – A Supply Chain Attack By Any Other Name
    threat-update-36-–-a-supply-chain-attack-by-any-other-name
    Kilian Englert
    April 30, 2021
    Kilian and Ryan look at a supply chain attack that silently stole cloud credentials for several months before detection.
    reconnect---tackling-saas-security
    ReConnect - Tackling SaaS Security
    reconnect---tackling-saas-security
    Kilian Englert
    October 19, 2021
    Kilian Englert and Ryan O'Boyle from the Varonis Cloud Architecture team answer audience questions from the Virtual Connect event about how the CISO of a global communications firm approaches cloud security and minimizes risk across a wide variety of cloud platforms.
    threat-update-55-–-sso-imposter:-targeting-google
    Threat Update 55 – SSO Imposter: Targeting Google
    threat-update-55-–-sso-imposter:-targeting-google
    Kilian Englert
    September 15, 2021
    In part two of this three-part series, Kilian Englert and Ryan O’Boyle from the Varonis Cloud Architecture team investigate how an attacker who compromised a single sign-on admin account can…
    threat-update-56-–-sso-imposter:-targeting-box
    Threat Update 56 – SSO Imposter: Targeting Box
    threat-update-56-–-sso-imposter:-targeting-box
    Kilian Englert
    September 20, 2021
    In the final part of the series, Kilian Englert and Ryan O’Boyle from the Varonis Cloud Architecture team walk through how attackers could target Box. They investigate how an attacker…