Varonis announces strategic partnership with Microsoft to accelerate the secure adoption of Copilot.

Learn more
Blog Data Security

SecurityRWD - Abusing Power Automate to Exfiltrate Data from Microsoft 365

Kilian Englert and Ryan O'Boyle from Varonis explore how a powerful, built-in tool called Power Automate can be configured to automatically exfiltrate data out of Microsoft 365 environments and what organizations can do to detect it..
Kilian Englert
1 min read
Last updated April 7, 2022

Contents

    Automation is key when trying to manage and protect your ever-increasing infrastructure and data footprintespecially in Microsoft 365. Smart attackers have been living off the land for years, abusing built-in functionality for malicious purposesand Microsoft 365 is no exception.

    Kilian Englert and Ryan O'Boyle from the Varonis Cloud Architecture team explore how a powerful, built-in tool called Power Automate can be configured to automatically exfiltrate data out of Microsoft 365 environments and what organizations can do to detect it.

    What you should do now

    Below are three ways we can help you begin your journey to reducing data risk at your company:

    1. Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
    2. Download our free report and learn the risks associated with SaaS data exposure.
    3. Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Reddit, or Facebook.
    Kilian Englert
    Kilian Englert Kilian has a background in enterprise security engineering, as well as security solution selling. Kilian is a Certified Information Systems Security Professional (CISSP) and creates internal and public content on topics related to cybersecurity and technology best practices.

    Try Varonis free.

    Get a detailed data risk report based on your company’s data.
    Deploys in minutes.
    Get started View sample

    Keep reading

    Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

    using-power-automate-for-covert-data-exfiltration-in-microsoft-365
    Using Power Automate for Covert Data Exfiltration in Microsoft 365
    using-power-automate-for-covert-data-exfiltration-in-microsoft-365
    Eric Saraga
    February 2, 2022
    How threat actors can use Microsoft Power Automate to automate data exfiltration, C2 communication, lateral movement, and evade DLP solutions.
    last-week-in-microsoft-azure:-week-of-april-12th
    Last Week in Microsoft Azure: Week of April 12th
    last-week-in-microsoft-azure:-week-of-april-12th
    Jeff Brown
    April 12, 2021
    This week’s review covers new learning resources for Azure Bicep, a PowerShell project for automating Azure diagrams, and a deep dive into Azure Key Vault.
    getting-started-with-powershell-option-inputs
    Getting Started with PowerShell Option Inputs
    getting-started-with-powershell-option-inputs
    Michael Buckbee
    November 17, 2014
    PowerShell is the dominant method of automating tasks and scripting changes for Windows sysadmins. This article covers getting started with some basic PowerShell usage and how to pass optional customization...
    how-to-use-autoruns-to-detect-and-remove-malware-on-windows
    How to Use Autoruns to Detect and Remove Malware on Windows
    how-to-use-autoruns-to-detect-and-remove-malware-on-windows
    Neil Fox
    March 22, 2021
    This article acts as a tutorial on how to use Sysinternals Autoruns to detect potentially unwanted software that is installed and running automatically on your device.