Live Cyber Attack Lab 🎯 Watch our IR team detect & respond to a rogue insider trying to steal data! Choose a Session


Threat Update 56 – SSO Imposter: Targeting Box

Incident Response

In the final part of the series, Kilian Englert and Ryan O’Boyle from the Varonis Cloud Architecture team walk through how attackers could target Box. They investigate how an attacker who compromised a single sign-on admin account can maximize their effort, perform recon on a connected Box environment, elevate account rights, and make malicious configuration changes to allow anonymous data sharing.

Ryan and Kilian also discuss tips on how organizations can defend against these types of attacks. 

👉Watch more attack scenarios here:

👋To learn how else we can help, please visit us at:

Kilian Englert

Kilian Englert

Kilian has a background in enterprise security engineering, as well as security solution selling. Kilian is a Certified Information Systems Security Professional (CISSP) and creates internal and public content on topics related to cyber security and technology best practices.


Does your cybersecurity start at the heart?

Get a highly customized data risk assessment run by engineers who are obsessed with data security.