Name: Attacker in the Endpoint - How MFA is Bypassed
Start: 2023-09-13T18:36:00Z
End: 2023-09-13T18:36:02.000Z
Location: BrightTALK
Rating: 5

Zero Trust Authentication

protecting your workforce, customers, and developers with passwordless, phishing-resistant MFA!
www.beyondidentity.com

What is device trust?

Device trust means you have complete visibility and control over managed and unmanaged devices to determine who and what has access based on risk modeling. 

It's not just about whether a device is managed; even managed devices can be misconfigured or require complex Mobile Device Management (MDM) systems. Basic device information such as geolocation, serial numbers, device types, and IP information is insufficient as this data only provides a snippet of access control measures. In addition, you can’t rely on a static evaluation of a device's security posture, which can change over time. For example, if a user turns off their device firewall or downloads malicious software, the security of that device could be compromised.

Join Beyond Identity's CMO, Patrick McBride, and CTO, Jasson Casey, as they, joined by Dr. Zero Trust, (Dr. Chase Cunningham) try to bust this latest myth!

Follow Beyond Identity:
twitter.com/beyondidentity
linkedin.com/company/beyond-identity-inc

Website:
beyondidentity.com

#cybersecurity #cybersecurityexplainedsimply #mythbusters #MDM #mobiledevicemanagement #IT #itsecurity #zerotrust #tech #passkey #softwareengineer #authentication #developer #sysadmin #password #login #cyberattack

Is MDM Enough for Device Trust? - Cybersecurity Mythbusters

Joshua from Beyond Identity takes us through Attacker in the Middle attacks against MFA, also known as Man in the Middle Attacks.

As a result of these attacks on MFA, CISA’s new guidance emphasizes the need for phishing-resistant MFA, that does not utilize phishable factors like passwords, one-time codes, SMS, or email links.

Follow Beyond Identity:
https://twitter.com/beyondidentity
https://www.linkedin.com/company/beyond-identity-inc/

Website:
https://www.beyondidentity.com/

Attacker in the Middle - How MFA is Bypassed

MFA incorporates knowledge, possession, and inherence to layer protection around a username and password.

But possession proof, in the form of codes, one-time passwords, sms, push, and magic links increase the attack surface and, perhaps worse, raise the illusion of authentication security. 

In episode 5 of Beyond Identity CTO Jasson Casey's Zero Trust Authentication Master Class, well investigate a common Man-in-the-Middle attack framework – no ordinary “catphish” if you follow the logic.

This is Multi-Factor Authentication and Phishing Explained.

Follow Beyond Identity:
twitter.com/beyondidentity
linkedin.com/company/beyond-identity-inc

Website:
beyondidentity.com

5. Multi-Factor Authentication and Phishing Explained

Authentication in today’s world is based on delegation and federation using SAML and OIDC protocols to verify and establish trust between users and apps. 

In episode 4. How Delegation and Federation Work, of Beyond Identity CTO Jasson Casey's Zero Trust Authentication Master Class, we'll understand the role of Identity Providers (IDPs), the challenge-response concepts involved in authentication, and the differences between SAML and OIDC.

Follow Beyond Identity:
twitter.com/beyondidentity
linkedin.com/company/beyond-identity-inc

Website:
beyondidentity.com

4. How Delegation and Federation Work - Zero Trust Authentication Master Class

Weak authentication, based on usernames and passwords, has been surrounded with timers and codes, providing only a modicum of additional protection. This can lull identity and security teams into a false confidence. Conversely, they also increase the surface area available for exploit by attackers.

In episode 3. Augments Authentication Flows of his Zero Trust Authentication Master Class, Beyond Identity CTO Jasson Casey explains these pitfalls further. 

Follow Beyond Identity:
twitter.com/beyondidentity
linkedin.com/company/beyond-identity-inc

Website:
beyondidentity.com

3. Augments Authentication Flows - Zero Trust Authentication Master Class

Most credentials are some form of symmetric, or shared secret (like passwords). The problem is that a shared secret must be shared and transmitted between a client and a server. Application load balancers, proxies, and content distribution networks ensure that these secrets touch the memory of many machines between the client and the server. 

If any of these machines were to become compromised, the shared secrets it contains are also compromised. Users can also unknowingly or unwittingly divulge the shared secret. 

Preventing credential theft requires the realization that the movement of the credential is bad. Every time the credential moves, it increases the surface area that must be protected. 

If a credential never moved, it would have a surface area the size of its host computer.

Asymmetric cryptography provides the technical means of creating unmovable credentials. Create an asymmetric key pair, share the public key, don’t move the private key, and sign challenges with your private key. This is a simple mechanism that chips away at the problem. 

Join Beyond Identity's CMO, Patrick McBride, and CTO, Jasson Casey, as they, joined by KnowBe4's Roger Grimes, try to bust this latest myth!

Follow Beyond Identity:
twitter.com/beyondidentity
linkedin.com/company/beyond-identity-inc

Website:
beyondidentity.com

MFA Stops Credential Theft? - Cybersecurity Mythbusters

Discover the power of uncompromised security with our free, live demo of Beyond Identity's Secure Workforce. Learn how Secure Workforce prevents credential-based breaches by eliminating the single largest sources of cyber attacks and ransomware – passwords and first-generation MFA bypass attacks. 

By incorporating technology based on the principles of zero trust, we deliver robust MFA that eliminates passwords, ensures continuous device integrity, and delivers secure and effortless authentication for your extended workforce. Register today and learn how to balance productivity and security for your organization.

In this webinar you'll see how Secure Workforce:

- Prevents credential-based breaches
- Provides effortless access for employees, contractors, and developers
- Enforces adherence to device security policies for all users, no matter the device or platform
- Enforces continuous risk-based authentication

Don't miss this opportunity to transform your organization's authentication security.

Live Demo: Secure Workforce

All of us experience authentication everyday, but here Beyond Identity CTO, Jasson Casey breaks down every step involved in the authentication process flow, the vulnerability profile these steps create, and how to control the attack surface.

2. Authentication Flows Explained - Zero Trust Authentication Master Class

Follow Beyond Identity:
twitter.com/beyondidentity
linkedin.com/company/beyond-identity-inc

Website:
beyondidentity.com

2. Authentication Flows Explained - Zero Trust Authentication Master Class

The term Zero Trust is ubiquitous in the security industry, leaving many to believe it is merely a marketing term. Jasson Casey, our CTO, dissects the key concepts of Zero Trust using the NIST framework and the essential role that strong authentication plays in a Zero Trust world.

The first thing that we really want to focus on is what is our definition of zero trust? We're going to actually just borrow the definition that comes out of NIST. NIST has a document called 800-207.

And in there they actually call out a couple of motivating problems, really setting up the stage for what is zero trust trying to solve. The preview really is, assume you're operating in a hostile environment, and kind of establish trust as you need to with respect to what someone's actually trying to do. 

But more specifically, one of the first problems they actually talk about is that there is no implicit trust based on any sort of special location in the network.

Follow Beyond Identity:
twitter.com/beyondidentity
linkedin.com/company/beyond-identity-inc

Website:
beyondidentity.com

1. Zero Trust Foundational Concepts - Zero Trust Authentication Master Class

See how a phishing link allows hackers to easily get past Duo's push 2FA. 

For a Beyond Idenitity Demo head to: https://www.beyondidentity.com/get-demo

Hacking Duo in Real Time

Beyond Identity Co-Founder and CTO Jasson Casey reviews the key requirements of Zero Trust Authentication and the newest innovations in identity and authentication that power authentication, dramatically improve IT’s control over their environment, and represent a step-change in user experience.

Zero Trust Authentication that Fortifies IT and Inspires Users

Welcome to Beyond Identity's August Product Update Livestream! Join us as we dive into the latest advancements in digital identity security and unveil our exciting new features. Our hosts for today's event are none other than Beyond Identity's Founding Engineer, Nelson Melo, and Product Marketing Lead, Jing Gu.

In this livestream, we'll be discussing two game-changing topics that are reshaping the landscape of digital authentication:

Hosted Web Login Capabilities:

- Explore the future of secure web login with Beyond Identity! We'll take a closer look at how our hosted web login capabilities are simplifying user authentication while enhancing security. Say goodbye to traditional passwords and hello to a new era of frictionless login experiences.

The Passkey Journey: ThePasskeyJourney.com

- Introducing our groundbreaking free tool, The Passkey Journey! Understanding how your users can leverage passkeys for secure access has never been easier. Join us as we demonstrate how this tool empowers you to harness the full potential of passkeys for your organization.

Stay tuned for live demos, in-depth discussions, and the opportunity to have your questions answered by our experts. Whether you're an IT professional, security enthusiast, or just curious about the future of authentication, this livestream is a must-watch!

Don't miss out on this exciting opportunity to stay ahead of the curve in digital identity security.  #BeyondIdentity #DigitalSecurity #PasskeyJourney #WebLogin #ProductUpdate #Livestream #Passkey #cybersecurity #authentication

August Product Update Livestream

Are your cybersecurity defenses truly protecting your organization?

Join us for a deep dive into the critical topic of "A Risk-Based Case for Zero Trust Authentication." In this exclusive webinar, we'll explore the challenges organizations face in securing their digital environments and the practical strategies to mitigate these risks.

In this webinar, we'll cover:

1️⃣ Understanding the Threat Landscape: We'll dissect real-world threats organizations face today and why traditional security measures fall short.

2️⃣ The Limitations of MFA: Not all Multi-Factor Authentication (MFA) methods are created equal. Learn why common MFA approaches can leave your organization vulnerable.

3️⃣ Practical Exploits: Explore a library of actual exploits against various MFA systems to understand their vulnerabilities.

4️⃣ The AI Factor: Discover how artificial intelligence is making attacks more sophisticated and why relying on user behavior alone isn't enough.

5️⃣ Phish Resistance: Learn about strategies and technologies that reduce the risk of phishing attacks and improve security.

6️⃣ Session Hijacking: Witness a live demo of a session hijacking attack and understand how attackers can gain unauthorized access.

7️⃣ Zero Trust Authentication: Uncover the concept of Zero Trust Authentication and see it in action through a live demonstration.

Stay ahead of evolving threats and secure your organization with a risk-based approach to authentication.

#Cybersecurity #ZeroTrust #Authentication #Webinar #Security #RiskManagement

A Risk-Based Case For Zero Trust Authentication

A TPM (or Trusted Platform Module) is an industry standard component that protects keys that can be used for authentication.

The important property of TPMs is that the private key is protected from even the lowest level of the operating system. This property protects a TPM key from phishing and other attacks that may expose it. It is available on most PCs, networking equipment, and industrial controllers. 

But can a TPM be hacked? Our Security Architect, Monty Wiseman is with us to help us find out! 

Join Beyond Identity's CMO, Patrick McBride, and CTO, Jasson Casey, as they try to bust this latest myth!

Follow Beyond Identity:
twitter.com/beyondidentity
linkedin.com/company/beyond-identity-inc

Website:
beyondidentity.com

TPMs Can't Be Hacked - Cybersecurity Mythbusters

Microsoft said that MFA stops 99% of attacks. Is this really true? 

We hear all the time to implement MFA, but when it comes to all the options, which one is best? Luckily we have Roger Grimes (KnowBe4), Author of Hacking Multifactor Authentication, with us to help us out!

Join Beyond Identity's CMO, Patrick McBride, and CTO, Jasson Casey, as they try to bust this latest myth!

Follow Beyond Identity:
https://twitter.com/beyondidentity
https://www.linkedin.com/company/beyond-identity-inc/

Website:
https://www.beyondidentity.com/

Does MFA Stop 99% of Attacks? - Cybersecurity Mythbusters

Joshua from Beyond Identity takes us through social engineering attacks against MFA, specifically “Push Fatigue” or "MFA Fatigue" attacks, because this is the most popular MFA bypass strategy we are seeing in the headlines today.

As a result CISA’s new guidance emphasizes the need for phishing-resistant MFA, that does not utilize push notifications.

Follow Beyond Identity:
https://twitter.com/beyondidentity
https://www.linkedin.com/company/beyond-identity-inc/

Website:
https://www.beyondidentity.com/

MFA Fatigue Attacks - How MFA is Bypassed

By coupling Beyond Identitiy’s strong, risk-based, multi-factor authentication with Zscaler’s Zero Trust Exchange platform, organizations can finally achieve high levels of confidence in their users and move to a Zero Trust Architecture.

Follow Beyond Identity:
https://twitter.com/beyondidentity
https://www.linkedin.com/company/beyond-identity-inc/

Website:
https://www.beyondidentity.com/

Advance Zero Trust Security with Beyond Identity and Zscaler

Joshua from Beyond Identity takes us through social engineering attacks against MFA, specifically "Attacker in the Endpoint" attacks, because this one of the most popular MFA bypass strategies we are seeing in the headlines today.

As a result CISA’s new guidance emphasizes the need for phishing-resistant MFA.

Follow Beyond Identity:
https://twitter.com/beyondidentity
https://www.linkedin.com/company/beyond-identity-inc

Website:
https://www.beyondidentity.com

Attacker in the Endpoint - How MFA is Bypassed

Endpoint Security

Zero Trust

Phishing resistant

Phishing

Authentication

Identity Management

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Attacker in the Endpoint - How MFA is Bypassed

Presented by

About this talk

More from this channel