Inside Out Security Blog   /  

SecurityRWD - Abusing Power Automate to Exfiltrate Data from Microsoft 365

SecurityRWD - Abusing Power Automate to Exfiltrate Data from Microsoft 365

Automation is key when trying to manage and protect your ever-increasing infrastructure and data footprintespecially in Microsoft 365. Smart attackers have been living off the land for years, abusing built-in functionality for malicious purposesand Microsoft 365 is no exception.

Kilian Englert and Ryan O'Boyle from the Varonis Cloud Architecture team explore how a powerful, built-in tool called Power Automate can be configured to automatically exfiltrate data out of Microsoft 365 environments and what organizations can do to detect it.

We're Varonis.

We've been keeping the world's most valuable data out of enemy hands since 2005 with our market-leading data security platform.

How it works