Hi [[ session.user.profile.firstName ]]

MS Teams und Office 365 als neue Zielscheibe für Cyberkriminelle [German]

Gerade in Zeiten von COVID-19 wird die Digitalisierung in unterschiedlichen Bereichen zwangsläufig vorangetrieben. Damit rückten in den letzten Monaten insbesondere cloudbasierte Anwendungen immer mehr in den Fokus von Cyberkriminellen. Neben anderen namhaften Produkten haben sich Office 365 und Teams von Microsoft als meistgenutzte Online-Kollaborationsplattform etabliert. Ein Angreifer mit gestohlenen Zugangsdaten kann nahezu ungehinderten Zugang zu Teams und allen unterstützenden Diensten erhalten.
In diesem Webinar aus der Serie «Von einem Hacker erklärt…» wird gezeigt, welche gängigen Angriffe auf MS Teams und Office 365 existieren und wie Ihre Firma dadurch ebenfalls ungewollt zur Zielscheibe werden kann. Zudem lernen Sie, wie Sie sich vor solchen Angriffen schützen können und welche Möglichkeiten Netwrix dazu bietet.
Recorded Apr 20 2021 71 mins
Your place is confirmed,
we'll send you email reminders
Presented by
Yves Kraft, Penetration Tester & Security Consultant, BSc FH CS, ISO 27001 Lead Auditor, OSCP, OPST, OSSTMM Trainer
Presentation preview: MS Teams und Office 365 als neue Zielscheibe für Cyberkriminelle [German]

Network with like-minded attendees

  • [[ session.user.profile.displayName ]]
    Add a photo
    • [[ session.user.profile.displayName ]]
    • [[ session.user.profile.jobTitle ]]
    • [[ session.user.profile.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(session.user.profile) ]]
  • [[ card.displayName ]]
    • [[ card.displayName ]]
    • [[ card.jobTitle ]]
    • [[ card.companyName ]]
    • [[ userProfileTemplateHelper.getLocation(card) ]]
  • Channel
  • Channel profile
  • Deep Dive: Unveil Your Hidden Risks with Netwrix Auditor Nov 2 2021 5:00 pm UTC 65 mins
    Roy Lopez, Systems Engineer at Netwrix
    Cybersecurity is all about understanding, managing, controlling and mitigating risk to your organization’s critical assets — which makes it a never-ending process that can take a lot of time. Wouldn’t it be great to spend less than 5 minutes a day on risk assessment and go home with no worries about your organization’s security? Believe it or not, Netwrix Auditor can help you do just that!

    Take part in a deep dive into risk assessment as Roy Lopez explains how to keep your IT infrastructure secure with Netwrix Auditor by:
    • Identifying weaknesses in your IT security policy settings and practices
    • Quickly spotting the risks that require your immediate attention
    • Drilling down to actionable details that enable prompt mitigation of those risks
  • Deep Dive: How to Stay in Control of Your Office 365 Environment Oct 19 2021 5:00 pm UTC 22 mins
    Bob Cordisco, Solutions Engineer at Netwrix
    Exchange Online and SharePoint Online permissions can be beyond unclear — they are often so complicated that they’re nearly impossible to untangle using native tools. Join Bob Cordisco, Netwrix solutions engineer, to find out how to overcome this critical gap in your Microsoft Office 365 protection strategy.

    During this session, you’ll learn how to:

    • Know exactly who has access to the most sensitive mailboxes in your Exchange Online
    • Spot broken inheritance in your SharePoint Online
    • Monitor every change to your SharePoint Online sites, lists and documents
    • Identify high-risk users with a consolidated view of all their anomalous Office 365 behaviour
    • Get alerts on activity that needs your immediate attention
  • Deep Dive: How to Reduce the Exposure of Your Critical Data Oct 5 2021 5:00 pm UTC 31 mins
    Bob Cordisco, Solutions Engineer at Netwrix
    To reduce the overexposure of regulated and mission-critical data, it’s not enough to understand where it resides; you also need to uncover any issues that put the data at risk and quickly remediate them. With solutions from Netwrix, you can reduce the exposure of your sensitive data by moving it to a safe location, deleting confidential pieces of content from it and more.

    Discover how Netwrix solutions enable you to:

    • Understand which data needs protection and how exposed it is
    • Automatically migrate overexposed data to quarantine before a breach occurs
    • Automatically redact sensitive content from documents
    • Identify and revoke excessive permissions
    • Increase the accuracy of your data loss prevention (DLP) tool
  • Deep Dive: Force IT Risks to the Surface Sep 21 2021 5:00 pm UTC 24 mins
    Dakota Brewer, Solutions Engineer at Netwrix
    Everyone knows that regular IT risk assessments are essential to both security and compliance. But they can be so complicated and expensive to perform that organizations often put them off — dramatically increasing their risk of data breaches and stiff fines. But what if the security gaps in your environment were identified and assessed automatically, with all the risks prioritized so it’s easy for you to deal with the most critical ones first?

    This might sound too good to be true, but it’s exactly what Netwrix Auditor’s IT Risk Assessment reports provide. Join our deep-dive session and find out how you can kick-start your risk assessment project in just a couple of clicks.

    In this 30-minute workshop, you’ll learn:
    • The 5 most common myths about IT risk assessment
    • The key steps in an effective risk assessment program
    • How you can easily identify, prioritize and reduce your risks with Netwrix Auditor
  • Deep Dive: Insider Threat Detection Recorded: Sep 8 2021 56 mins
    Bob Cordisco, Solutions Engineer at Netwrix
    Do organizations battle insider threats? They try to. Are they successful at mitigating the risk? Not so much. It’s a real challenge to spot malicious insiders before they cause damage, and even well-meaning users sometimes forget or ignore established information sharing and data protection protocols, especially those that seem arbitrary or inconvenient.

    Watch this 30-minute deep dive to learn how to:
    • Determine whether your organization should be concerned about insider threats
    • Get concrete evidence of privilege abuse incidents
    • Be notified about high-risk insider threat patterns
    • Identify security weak spots so you can remediate them before they are exploited
  • CMMC: Raise Your Cyber Maturity Level Recorded: Aug 31 2021 54 mins
    Ryan Bonner (Founder and CEO of DEFCERT), Dan Piazza (Technical Product Manager at Stealthbits)
    The Cybersecurity Maturity Model Certification (CMMC) is a cybersecurity framework developed by the US Department of Defense (DoD) to ensure that its contractors protect sensitive information appropriately. It is based on established cybersecurity standards like NIST, ISO 27001 and UK Cyber Essentials, and most of the controls it requires are long-time cybersecurity best practices. However, it introduces new practices that can deliver far more robust security.

    While CMMC applies to every company within the DoD supply chain, any organization can benefit from implementing its core principles.

    Watch our session to learn:
    • What the CMMC is and what types of data it protects
    • The framework’s components
    • The 5 levels of cyber maturity
    • The timeline for CMMC implementation
    • How you can implement cybersecurity best practices from the CMMC and other standards, such NIST and ISO/IEC 27001, using Netwrix solutions
  • Engineers Workshop: How to Implement a CIS Hardened Build Standard Recorded: Aug 27 2021 24 mins
    Denis Goskolli, Technical Support Engineer at NNT
    Commercial and open-source system configurations generally lack all the necessary security measures needed before deploying into production. These configurations will often times have features and functionalities enabled by default, making them less secure and a prime target for today’s cyber criminals.

    Implementing a CIS hardened build standard can help you address this issue by disabling and removing unnecessary functionalities and features, allowing your security team to proactively minimize system vulnerabilities, enhance system integrity, achieve compliance, and reduce your attack surface.

    Watch this session and learn:
    • How to work through a CIS Benchmark Secure Configuration Guide & how to avoid the ‘Gotchas’
    • How to customize and expand to deliver a hardened build standard that’s designed for you
    • How to roll out to your IT systems, both manually and automatically
    • How to maintain everything in its secure, hardened state
  • Une nouvelle approche pour sécuriser les comptes d’administrateurs [French] Recorded: Jul 28 2021 47 mins
    Thomas Limpens, Solutions Engineer and Pierre-Louis Lussan, Country Manager, at Netwrix
    Il n`y a aucun doute que les comptes privilégiés sont un mal nécessaire dans chaque environnement informatique.
    Mais même s’ils servent à des fins opérationnelles importantes et constituent une partie cruciale du travail quotidien des administrateurs, ils imposent des risques constants pour la sécurité.
    Existe-il un meilleur moyen ?
    Dans ce webinaire, vous allez apprendre comment réduire considérablement le risque associé aux comptes d’administration et de service, améliorer votre programme de conformité et combler les lacunes de sécurité de Microsoft LAPS.

    Regardez ce webinaire pour découvrir :
    • Le niveau de risque auquel vos comptes d’administration et de service actuels vous exposent
    • Les cinq principales choses que les gens détestent lorsqu’ils essaient de gérer ces risques en utilisant des solutions traditionnelles de gestion de l’accès privilégié (PAM)
    • Une meilleure option : des comptes d’administration juste à temps avec juste assez de privilèges et une gestion efficace des comptes de service
    • Cette approche moderne limite également les mouvements latéraux des attaquants et simplifie la conformité
  • Deep Dive: Insider Threat Detection Recorded: Jul 20 2021 56 mins
    Bob Cordisco, Solutions Engineer at Netwrix
    Do organizations battle insider threats? They try to. Are they successful at mitigating the risk? Not so much. It’s a real challenge to spot malicious insiders before they cause damage, and even well-meaning users sometimes forget or ignore established information sharing and data protection protocols, especially those that seem arbitrary or inconvenient.

    Watch this 30-minute deep dive to learn how to:
    • Determine whether your organization should be concerned about insider threats
    • Get concrete evidence of privilege abuse incidents
    • Be notified about high-risk insider threat patterns
    • Identify security weak spots so you can remediate them before they are exploited
  • Top 10 Security Features to Enable in Microsoft 365 Recorded: Jul 20 2021 65 mins
    Liam Cleary, Microsoft MVP and a founder of SharePlicity
    Microsoft 365 offers a wealth of valuable collaboration tools — but what about security? By default, Microsoft provides various core security capabilities to protect the service itself, as well as controls that are available as needed for any organization. Unfortunately, many organizations do not implement them; some may not even know where they are. In fact, Microsoft 365 includes hundreds of configuration options that control everything from user authentication to external access to downloading of content. Knowing which settings to enable or disable is critical to a strong security posture.

    In this webinar, we will walk through the top 10 security controls that should be enabled in every Microsoft 365 tenant. We will discuss each one and explain why to use them. At the end of this webinar, you will understand which controls to implement to increase the security of your Microsoft 365 tenant.
  • GDPR Anniversary Panel Discussion: Data Protection in the Age of Remote Working Recorded: May 24 2021 62 mins
    Jonathan Armstrong (Partner at Cordery), Gina Fanning (Managing Director at COMPLINET), Michael Paye (CTO at Netwrix)
    May 25th marks the third anniversary of the GDPR’s effective date. We’ve all seen the effects: numerous compliance checklists and audits; the flood of opt-in consent emails; unprecedented international outreach; and giant fines looming over both large corporations and small organisations. But over the years, ‘the great data privacy panic,’ as it was called by BBC tech correspondents, has evolved into a pragmatic approach to compliance regulations. Data security is no longer merely a necessity but a business driver for digital transformation.

    Watch this moderated panel discussion to celebrate data privacy milestones and learn what compliance developments to expect.

    Our expert guests will discuss:
    - How 3 years of GDPR enforcement has already changed how organisations operate
    - How to factor privacy concerns into your cloud strategy
    - How new technology is changing how organisations approach data privacy
    - How the evolving threat landscape will influence compliance regulations
  • Enjeux du télétravail pour la sécurité de vos données [French] Recorded: May 24 2021 64 mins
    Raphaël Rault, Avocat Associé - Département Numérique Alter Via Avocats
    Avec l’explosion des technologies Cloud et de la généralisation de l’Internet à haut débit, de nombreuses organisations permettent à leurs employés de travailler à distance. La possibilité de travailler depuis n’importe quel endroit améliore la flexibilité et la productivité. Mais tout n’est pas aussi simple pour les professionnels de l’informatique qui doivent mettre en place l’infrastructure nécessaire pour soutenir le télétravail.

    Nous avons invité Raphaël Rault, Avocat associé au cabinet Alter Via Avocats, à partager son expertise sur les enjeux auxquels ses clients ont fait face lors de cette période de télétravail :
    - Anticipation : La sécurisation préalable des risques
    - Réaction : Les politiques de notification
    - Résolution : La fin de cycle des incidents
  • Active Directory & Azure AD: Better Together, Pt. 2 Recorded: May 21 2021 77 mins
    Sander Berkouwer, Enterprise Mobility MVP
    We already know the principle of hardening for on-premises systems, apps and services. Now, let’s apply it to the Microsoft cloud as well!
    Sander Berkouwer will show you the default settings in Azure AD and explain why they aren’t appropriate for all organizations. By looking under the covers of Azure AD, you’ll know when to dial the buttons that govern guest access, app consent and access to the Azure AD admin portal. Sander will sprinkle some Conditional Access, Microsoft Defender for Identity and Azure Log Analytics goodness on top of these settings to keep you on top of all things Azure AD.

    In this session you’ll find out:
    • What happens if you use the default Azure AD settings
    • How to harden your Active Directory, Azure AD and Microsoft 365
    • How to easily track and report on security and configuration changes in Azure AD
    • How to secure the sensitive data you store in Microsoft 365
  • Active Directory and Azure AD: Better Together, Pt. 1 Recorded: May 19 2021 60 mins
    Sander Berkouwer, Enterprise Mobility MVP
    Part 1: Getting Maximum Value from Infrastructure Security Services

    The Microsoft cloud offers a wealth of benefits, from powerful enterprise applications and built-in high availability to predictable costs. But most organizations still need their on-premises IT environment as well. Fortunately, there are proven strategies for making your trusted Active Directory and your shiny new Azure AD tenant work together, enabling a seamless user experience and strong security.

    In this webinar, Enterprise Mobility MVP Sander Berkouwer shares his expertise for making that happen. Watch this session to learn:
    • The benefits of using Active Directory and Azure AD together
    • How to properly configure infrastructure security services, including Azure AD Conditional Access, Multi-factor Authentication (MFA), Connect Health, Identity Protection, and Password Protection
    • How to track both on-prem AD logins and Azure AD sign-ins in one dashboard
    • How to quickly detect and report on security changes in AD and Azure AD
  • Data Classification Software Overview Recorded: May 5 2021 29 mins
    Nicholas Matta, Solutions Engineer at Netwrix
    Every day, your organization collects and produces tons of data. How can you possibly keep it all secure and organized? Netwrix Data Classification enables you to discover and tag your business-critical data and reduce its exposure. Plus, it also helps you achieve and prove your compliance with PCI DSS, HIPAA, CCPA and other regulations.

    Watch this product demo and learn how to:
    • Accurately identify sensitive and regulated data outside of secure locations and protect it
    • Prove regulatory compliance on your first attempt
    • Satisfy data subject access requests (DSARs) with far less effort and expense
    • Reduce your attack surface by cleaning up obsolete or trivial information
    • Respond to legal requests without putting your business on hold
  • IT Audit Software Overview Recorded: May 5 2021 28 mins
    Jordan Jasnoch, Solutions Engineer at Netwrix
    With threats growing in both number and sophistication every day and regulations imposing increasingly strict requirements, you are always fighting an uphill battle. Arm yourself with Netwrix Auditor to kick-start your IT risk assessment program, secure your critical assets and slash preparation time for compliance audits by up to 85%.
    Watch this 30-minute session and learn how you can:
    • Identify and mitigate both data and infrastructure security gaps
    • Protect your critical assets to minimize the risk of a data breach
    • Reduce the mean time to detect security threats and contain incidents
    • Prove your adherence to compliance regulations with less effort

    Learn more: https://www.netwrix.com/auditor.html?cID=7014u000001JVZN
  • ZeroLogon - What Every Organization needs to Know and Do Now Recorded: May 5 2021 28 mins
    Kevin Joyce, Technical Product Manager & Joe Dibley, Security Researcher, Stealthbits now part of Netwrix
    The recently discovered Zerologon exploit has sent shockwaves across organizations worldwide, as a vulnerability in the NetLogon Remote Protocol, allowing an unauthenticated attacker to connect to an Active Directory Domain Controller and subsequently own an Active Directory domain with ease. Despite a rapid response from Microsoft which included new group policy options, Registry keys, and event log entries, the implementation of these mitigative and detective controls are unfortunately far from straightforward. In the meantime, the clock is ticking for organizations and technology vendors to eradicate the existence of insecure NetLogon connections before the February 9, 2021 enforcement deadline, as well as for attackers seeking to leverage the exploit before the window of opportunity dissipates. Where does your organization stand? What's at risk? What can you do to expedite your organization's timeline to a secure state? Join Stealthbits' Technical Product Manager, Kevin Joyce and Security Researcher, Joe Dibley, for a quick, informative, 30-minute webinar about Zerologon where they'll answer important questions, such as:
    • What is Zerologon?
    • How does it work?
    • Why is action needed now?
    • What can Stealthbits do to help?
  • Attackers Are Bypassing MFA – What You Need to Know Recorded: May 5 2021 57 mins
    Jeff Warren, GM-Products, Stealthbits now part of Netwrix
    Multi-Factor Authentication (MFA) has become a critical and powerful technology within enterprise Information Security programs, which is precisely why attackers have focused on how to work around it. Join Stealthbits GM of Products and Cybersecurity Expert, Jeff Warren, to learn how attackers are taking advantage of MFA's blind spots and developing ways of bypassing MFA altogether, and of course, what you need to know in order to do something about it.
  • Privileged Access Management Solution Overview Recorded: May 5 2021 60 mins
    Martin Cannard, VP of Product Strategy for Privileged Access Management, Stealthbits now part of Netwrix
    Privileged Access Management (PAM) tools have proven to be essential components of information security and compliance programs, yet privileged account compromise remains a nagging issue despite broad scale adoption of password vaults. Stealthbits' (now part of Netwrix) approach to Privileged Access Management fills the gaps and overcomes the challenges of traditional PAM solutions, providing comprehensive visibility into an organization's privileged account footprint, surgical control over privileged account usage, and the ability to effectively eliminate the sizable threat surface privileged accounts represent through the reduction of privileged accounts. Join Martin Cannard, Stealthbits Technologies' VP of Product Strategy - Privileged Access Management, as he outlines the challenges organizations face with traditional PAM tools and how Stealthbits can help.
  • Data Access Governance Solution Overview Recorded: May 5 2021 47 mins
    Adam Rosen, VP of Product Strategy for Data Access Governance, Stealthbits now part of Netwrix
    Access and permissions to data are excessive and management is highly complex and error prone. The location of sensitive data is largely unknown (especially across unstructured data repositories) and is also the primary target in virtually every breach scenario. With increasing external pressures via existing and new regulations, 3rd party demands, and customer concerns, the need to gain control over data of all types has never been more dire. A well-executed Data Access Governance (DAG) program is the solution to the problem. DAG is about making access to data exclusive. It's about limiting the number of people who have access to data - and their permissions to data - to the lowest levels possible. Stealthbits' (now part of Netwrix) Data Access Governance solution provides organizations with the capabilities and approaches needed to identify, secure, and maximize the value of data wherever it resides. Join Adam Rosen, VP of Product Strategy, as he reviews the difficult data security and privacy challenges organizations face today and how Stealthbits can help.
Powerful Data Security Made Easy
Netwrix empowers information security and governance professionals to reclaim control over sensitive, regulated and business-critical data, regardless of where it resides. Over 10,000 organizations worldwide rely on Netwrix solutions to secure sensitive data, realize the full business value of enterprise content, pass compliance audits with less effort and expense, and increase the productivity of IT teams and knowledge workers.

Embed in website or blog

Successfully added emails: 0
Remove all
  • Title: MS Teams und Office 365 als neue Zielscheibe für Cyberkriminelle [German]
  • Live at: Apr 20 2021 6:05 pm
  • Presented by: Yves Kraft, Penetration Tester & Security Consultant, BSc FH CS, ISO 27001 Lead Auditor, OSCP, OPST, OSSTMM Trainer
  • From:
Your email has been sent.
or close