My Cloud is APT's Cloud - Investigating and Defending Office 365

Explore the increasing threat landscape of Microsoft Office 365 in this 41-minute Black Hat conference talk. Investigate how attackers are targeting cloud services, particularly Office 365, which has become the dominant email platform for enterprises worldwide. Delve into the various components of Office 365, including Exchange, Teams, SharePoint, and OneDrive, and understand why the vast amount of data stored in these services makes them attractive targets for threat actors. Learn about authentication types, the Unified Log, and the attack lifecycle through real-world case studies. Discover effective defense strategies, including conditional access, Azure Active Directory protection, and safeguarding against sophisticated techniques like GoldSAML attacks, mail forwarding rules abuse, and eDiscovery exploitation. Gain valuable insights from security experts Doug Bienstock and Josh Madeley on investigating and defending Office 365 environments against advanced persistent threats.