Name: Exposing the Misconfigurations Attackers Love in Microsoft 365
Start: 2025-10-28T18:00:00Z
End: 2025-10-28T18:00:29.000Z
Location: BrightTALK
Rating: 5

Learn more about new approaches to email security to stop advanced business email compromise attacks that bypass traditional, threat intelligence-based email security solutions.

Unlike legacy email security solutions, the Abnormal Security platform uses an innovative AI-based approach that deeply understands the people, relationships, and business processes to stop the most sophisticated and costly attacks.

Microsoft 365 powers the modern workplace, but its complexity also creates risk. Missteps in Admin Center, SharePoint, Teams, or Exchange can quietly open doors to attackers, from excessive permissions to weak policies that expose sensitive data. This session explores how security posture management uncovers hidden gaps, strengthens configurations, and prevents small oversights from escalating into breaches.

ThreatStream: Hidden Entry Points: How Microsoft 365 Misconfigurations Create Vulnerabilities

Microsoft 365 powers the modern workplace, but its complexity also introduces risk. Missteps in the Admin Centre, SharePoint, Teams, or Exchange can quietly open the door to attackers—from excessive permissions to weak policies that expose sensitive data. This session explores how security posture management uncovers hidden gaps, strengthens configurations, and prevents small oversights from escalating into breaches.

The rise of crypto has created new opportunities—for both investors and attackers. In this session, we’ll uncover how threat actors exploit decentralized systems, impersonate crypto brands, and weaponize urgency to steal funds, and how Abnormal AI detects and blocks these fast-moving, irreversible scams.

ThreatStream: Cryptocurrency Fraud: Fast Money, Faster Scams

The rise of crypto has created new opportunities—for both investors and attackers. In this session, we’ll explore how threat actors exploit decentralised systems, impersonate crypto brands, and weaponise urgency to steal funds, and how Abnormal AI detects and blocks these fast-moving, irreversible scams.

As mergers and acquisitions accelerate, cyber and privacy risks remain among the most overlooked and financially devastating factors that impact deal value and post-close stability. In this joint session with experts from Norton Rose Fulbright, CrowdStrike, and Abnormal AI, we’ll cover: 

- The legal risks of insufficient diligence and why understanding a target’s data landscape and compliance posture is essential for protecting investments.
- How the CrowdStrike M&A Compromise Assessment can uncover active and historical adversary activity across endpoint, cloud, identity, and SaaS environments. 
- How behavioral AI provides critical visibility into email-borne risk to enable Day-One protection against BEC, account takeovers, and vendor fraud.

Together, these three expert panelists will share an in-depth approach to M&A security to empower your organization to reduce the risk of acquisitions, accelerate secure integrations, and preserve deal value.


**Webinar attendees are eligible for 1 CPE credit through ISC2. Claim your CPE credit here: https://bit.ly/4f3xas3

Day-One Defense: A Smarter Approach to Cybersecurity for M&A

AI has upended the economics of social engineering. Anyone can now craft fluent, context-aware lures at speed and scale. In this session, Abnormal AI’s EJ Whaley and world-renowned cyberpsychologist Dr. Mary Aiken unpack how attackers blend large language models with behavioral science—exploiting authority bias, urgency, and group conformity—to bypass human defenses across email, chat, and video (including deepfakes). 

We’ll examine why traditional awareness can backfire, how “phishing-as-a-service” industrializes fraud, and what it takes to restore trust in a zero-trust world. 

Register now!

**Webinar attendees are eligible for 1 CPE credit through ISC2. Please claim your ISC2 CPE credit here: https://bit.ly/4f3xas3

Convergence Season 5, Chapter 15: Supercharged Deception: How AI Is Accelerating Social Engineering [AMER]

AI has upended the economics of social engineering. Anyone can now craft fluent, context-aware lures at speed and scale. In this session, Abnormal AI’s EJ Whaley and world-renowned cyberpsychologist Dr Mary Aiken reveal how attackers blend large language models with behavioural science—exploiting authority bias, urgency, and group conformity—to bypass human defences across email, chat, and video (including deepfakes).

We’ll explore why traditional awareness training can backfire, how “phishing-as-a-service” is industrialising fraud, and what it really takes to restore trust in a zero-trust world.

Register now!

**Webinar attendees are eligible for 1 CPE credit through ISC2. Please claim your ISC2 CPE credit here: https://bit.ly/4f3xas3

Convergence Season 5, Chapter 15: Supercharged Deception: How AI Is Accelerating Social Engineering [EMEA]

Convergence Season 5, Chapter 15: Supercharged Deception: How AI Is Accelerating Social Engineering [APAC]

The email security market is crowded with vendors making bold AI claims, but how do you separate genuine innovation from marketing noise? As organizations face increasingly sophisticated threats—from AI-generated phishing to business email compromise—choosing the right email security solution has never been more critical or more complex.
Join former Gartner analyst Ravisha Chugh and Abnormal's Director of Product Marketing Lane Billings for an insider's perspective on evaluating email security vendors in 2026. Drawing on years of vendor evaluation experience and deep market analysis, this session gives security leaders a practical framework for making informed decisions.

You'll learn:
- How Gartner analysts assess the email security landscape, and the evaluation criteria that matter most
- The questions to ask vendors—and the red flags to watch out for 
- A practical framework for building your vendor shortlist
- How to use analyst reports like the Gartner Magic Quadrant effectively
- How to structure vendor comparisons to reveal real differentiation and real-world performance

Whether you're replacing a legacy SEG, augmenting existing defenses, or evaluating your current solution, this session provides the independent analysis and actionable guidance to make the right choice for your organization.

**Webinar attendees are eligible for 1 CPE credit through ISC2. Please claim your ISC2 CPE credit here: https://bit.ly/4f3xas3

Beyond the Quadrant: An Analyst's Guide to Evaluating Email Security in 2026

Generative AI is powering a new wave of business email compromise attacks—more scalable, personalized, and nearly impossible to detect. See how threat actors craft hyper-realistic emails and how Abnormal’s behavioral AI detects impersonations that traditional tools miss.

ThreatStream: When BEC Meets AI

The email security market is crowded with vendors making bold AI claims, but how do you separate genuine innovation from marketing noise? As organisations face increasingly sophisticated threats—from AI-generated phishing to business email compromise—choosing the right email security solution has never been more critical or more complex.
Join former Gartner analyst Ravisha Chugh and Abnormal’s Director of Product Marketing, Lane Billings, for an insider’s perspective on evaluating email security vendors in 2026. Drawing on years of vendor evaluation experience and deep market analysis, this session gives security leaders a practical framework for making informed decisions.

You’ll learn:
- How Gartner analysts assess the email security landscape, and the evaluation criteria that matter most
- The questions to ask vendors — and the red flags to watch out for
- A practical framework for building your vendor shortlist
- How to use analyst reports such as the Gartner Magic Quadrant effectively
- How to structure vendor comparisons to reveal real differentiation and real-world performance

Whether you’re replacing a legacy SEG, augmenting existing defences, or evaluating your current solution, this session provides the independent analysis and actionable guidance needed to make the right choice for your organisation.

**Webinar attendees are eligible for 1 CPE credit through ISC2. Please claim your ISC2 CPE credit here: https://bit.ly/4f3xas3

Generative AI is driving a new wave of business email compromise attacks—more scalable, more personalised, and increasingly difficult to detect. See how threat actors craft hyper-realistic emails, and how Abnormal’s behavioural AI identifies impersonation attempts that traditional tools miss.
In this ThreatStream webinar, Abnormal expert Ryan Schwartz uncovers how AI is changing the face of BEC. He walks through real attacks—from vendor compromise and payroll fraud to internal account takeovers—and shows how behavioral analysis detects what traditional tools can miss.

Watch the on-demand webinar to learn
- How attackers use AI to research targets and craft believable emails in seconds
- Why payload-less attacks and lookalike domains evade traditional defenses
- How behavioral analysis identifies unusual tone, urgency, and relationships to stop financial fraud

How vendor compromise spreads across organizations—and how to detect it early. Register now to view the on-demand webinar!

The email security market is crowded with vendors making bold AI claims, but how do you separate genuine innovation from marketing noise? As organisations face increasingly sophisticated threats—from AI-generated phishing to business email compromise—choosing the right email security solution has never been more critical or more complex.

Join former Gartner analyst Ravisha Chugh and Abnormal’s Director of Product Marketing, Lane Billings, for an insider’s perspective on evaluating email security vendors in 2026. Drawing on years of vendor evaluation experience and deep market analysis, this session gives security leaders a practical framework for making informed decisions.

You’ll learn:
- How Gartner analysts assess the email security landscape, and the evaluation criteria that matter most
- The questions to ask vendors — and the red flags to watch out for
- A practical framework for building your vendor shortlist
- How to use analyst reports such as the Gartner Magic Quadrant effectively
- How to structure vendor comparisons to reveal real differentiation and real-world performance

Whether you’re replacing a legacy SEG, augmenting existing defences, or evaluating your current solution, this session provides the independent analysis and actionable guidance needed to make the right choice for your organisation.

**Webinar attendees are eligible for 1 CPE credit through ISC2. Please claim your ISC2 CPE credit here: https://bit.ly/4f3xas3

Generative AI is driving a new wave of business email compromise attacks—more scalable, more personalised, and increasingly difficult to detect. See how threat actors craft hyper-realistic emails, and how Abnormal’s behavioural AI identifies impersonation attempts that traditional tools miss.

Higher education is facing an escalating volume of advanced, AI-driven email threats designed to impersonate trusted users, compromise accounts, and slip past traditional defenses. With small teams and increasing pressure to reduce manual workloads, universities are rethinking how they secure their communities against these fast-evolving attacks.

In this fireside chat, Patricia Titus, Field CISO at Abnormal AI, and Thomas Smith, Deputy CIO of Coppin State University, will explore how Coppin State strengthened its security posture by modernizing its approach to email threat detection and response. Thomas will share how the university reduced operational burden through automation, improved visibility into account compromise attempts, and achieved a dramatic reduction in attacks.

You’ll learn:
- How AI is shaping today’s most common threats in higher education
- Ways automation helps reduce manual investigation 
- Key priorities for universities preparing for next-generation, AI-enabled threats

Join us to hear real-world insights, lessons learned, and practical takeaways you can apply to elevate your institution’s security posture.

**Webinar attendees are eligible for 1 CPE credit through ISC2. Please claim your ISC2 CPE credit here: https://bit.ly/4f3xas3

Defending Higher Ed in the Age of AI: A Fireside Chat with Coppin State University

Misconfigurations in Microsoft 365, from hidden forwarding rules to weak authentication policies, are among the most common ways attackers gain access. Traditional audits and Microsoft Secure Score often miss these issues, which leaves email security teams exposed.

In this webinar, you’ll hear from Spencer Lanning, a seasoned Security Analyst and Abnormal AI customer, as he shares how his team uses Security Posture Management (SPM) to identify and fix risky misconfigurations, prevent configuration drift, and improve visibility across their environment. 

You will learn:

- What email misconfigurations are, and why they matter
- How Security Posture Management strengthens defenses
- Practical tips to reduce misconfigurations and maintain a stronger posture

Don’t let hidden misconfigurations put your organization at risk. Register today!

Exposing the Misconfigurations Attackers Love in Microsoft 365

Cyber Attacks

Authentication

Email Security

security posture managemen

Cyber Threats

Threat Landscape

Threat Analysis

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

The unexpected nature of natural disasters and other disruptive events means that preparation is key to managing disaster recovery and business continuity planning. Join the business continuity and disaster recovery community for live and recorded presentations discussing best practices for business continuity planning, disaster recovery programs and business continuity management. Learn from BCDR experts to develop your critical infrastructure and gain insight into tactical solutions to your BCDR issues.

Business Continuity / Disaster Recovery

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Information Technology

Get powerful insights to run your business. CEOs, CFOs, CMOs, COOs, CTOs and CIOs are among the leaders in this community who connect with peers and experts to grow their businesses.

CxO Strategy

In the business management community, commercial experts will be sharing webinars and videos on an array of subjects. From sales and marketing, to finance, productivity and growth, this content will help you stay up-to-date with the current economic environment and provide timely management insight to drive business growth.

Exposing the Misconfigurations Attackers Love in Microsoft 365

Presented by

About this talk

Abnormal AI