Incident Response in the Cloud: Combating Business Email Compromise Threats
Incident Response in the Cloud Has Some Major Nuances.
The cloud can significantly improve Incident Response capabilities if appropriately leveraged. However, many organizations, even those with traditional Incident Response plans, have faced a rude awakening with their first cloud incident. Due partly to the shared responsibility between the cloud service provider and the customer, responding to an incident in the cloud can cause confusion that leads to delayed response and unresolved issues that lead to significant loss.
Business Email Compromise Continues to be a Challenge.
Microsoft 365, formerly known as Office 365, has many tools to significantly enhance detection, response, recovery, and forensic capabilities. However, some tools are confusing, underused, or relatively unknown. To address these issues, TrustedSec will review Incident Response concerns related to business email compromise with cloud services, including:
- Access Logs
- Forwarding Rules
- oAuth2 Applications
- Root cause
Preparing for an Incident Has Never Been More Important!
Entry points for attacks have taken many forms, and the consequences have been severe in some cases. In this webinar, TrustedSec will discuss tactical processes within the cloud and address containment, prevention, and recovery strategies. Learn from Incident Response Practice Lead Tyler Hudak as he discusses the latest issues and walks through Incident Response in the cloud.