NBConsult’s Post

If there's one person that's passionate about Zero Trust, its Nicolas Blank. ENow Software has decided to let him loose on the masses to talk about why Zero Trust is important, AND how it applies to Application Security in Entra ID. As always, I will be in the room, pointing and commenting on all things Security Posture. 😁 This is part of ENow Software's Identity Posture Maintenance Series on providing customers and partners across the global, with tools that allow them to identify the risks with Identity Security in their Microsoft cloud environments. Don't miss out on this one!!! #AppGovScore #AppSecurity #ApplicationGovernance

I’ll be co-hosting a webinar with Alistair Pugin hosted by ENow Software on 𝗢𝗰𝘁𝗼𝗯𝗲𝗿 𝟵 with the topic "𝗭𝗲𝗿𝗼 𝗧𝗿𝘂𝘀𝘁 𝗳𝗼𝗿 𝗔𝗽𝗽𝗹𝗶𝗰𝗮𝘁𝗶𝗼𝗻 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗶𝗻 𝗘𝗻𝘁𝗿𝗮 𝗜𝗗." - for more details, click here https://lnkd.in/eEtSbSep 𝗪𝗛𝗬 𝗗𝗢 𝗪𝗘 𝗖𝗔𝗥𝗘? – We helped Microsoft co-author the Zero-Trust adoption Framework, You’ll find our name on the overview page! So this topic is near and dear to our hearts. Read more here for details: https://lnkd.in/ectmMB5c   𝗪𝗛𝗬 𝗦𝗛𝗢𝗨𝗟𝗗 𝗬𝗢𝗨 𝗖𝗔𝗥𝗘? Zero Trust, Entra ID and Entra ID Application governance are not just keywords, they should be inextricably linked as part of your security strategy.   To save you a moment, I’ve added the webinar details below. 👇👇👇   With the adoption of cloud-based applications and hybrid work environments, the security perimeter is redefined from firewall-based security to Identity based security. Zero Trust offers a more proactive and granular approach to security, assuming that no entity within or outside the network should be trusted without continuous verification. In this session, we will explore how Microsoft Entra ID can be leveraged to implement Zero Trust principles for application security.  We will discuss the key benefits of Zero Trust, including:  • A unified strategy: Building a security strategy that includes what you already own.  • Enhanced security: Protecting your applications from unauthorized access and data breaches.  • Reduced risk: Minimizing the impact of security incidents.  • Increased productivity: Enabling secure and seamless access to applications.      If you’ve read this far and you’d like to join us, please click below, register and we’ll send you the details: 👇👇👇 https://lnkd.in/eEtSbSep   Hope to see you there!

We doing Zero Trust with EntraID TODAY! Join me with Alistair Pugin as we talk about Securing EntraID in the context of Zero Trust! Hosted by ENow Software, you'll learn how Zero Trust is more than the security flavor of the day, but a real actionable security strategy. Interested? Click here to join live OR receive the recording after the fact: https://lnkd.in/eEtSbSep

🛡️ Secure Your Application Stack: Join Our Webinar on Application Security Posture Management! 🛡️ Are you an Entra ID administrator or a security professional? Don't miss our upcoming webinar TOMORROW, March 20th at 10:00 AM PST / 1:00 PM EST where we'll dive deep into the world of Application Security Posture Management in Microsoft Entra ID. 🔑 Key Takeaways: Understand how applications are deployed and secured in Entra ID. Learn how to continuously evaluate and improve your application security posture. Discover actionable steps to protect and govern your application stack. 🎤 Featuring Industry Experts: Nicolas Blank, Renowned Architect, Author, and Microsoft MVP. Alistair Pugin, M365 + Security MVP, CTO, and Technology Architect. Don't let your applications be vulnerable to attacks. Join us and take the first step towards a more secure and governed application environment. Register today! ✏️ Link to ENow Software registration here!

The conclusion presented in the article is thought-provoking and highlights an often overlooked aspect of cybersecurity vulnerabilities within organizations. While it may not apply universally to every company or situation, it does underscore several critical points: 1. Risk from Administrative Software: Administrative tools and software used for system management and security, such as domain administration setups or endpoint protection platforms, can indeed be vulnerable. These tools have privileged access and are high-value targets for attackers looking to compromise systems or disrupt operations. 2. Insider Threats: The statement alludes to the potential risks posed by insiders, whether intentionally malicious or inadvertently compromised, who have access to these administrative tools. This insider threat can be significant if proper controls and monitoring are not in place. 3. Irony of Security Tools: It highlights the irony that the very software and tools implemented to enhance security and manage systems effectively can sometimes introduce new vulnerabilities or be exploited by attackers. However, whether one agrees with this conclusion depends on various factors: • Context: The level of risk posed by administrative software can vary greatly depending on the organization's size, industry, and specific cybersecurity practices in place. • Mitigation Measures: Effective cybersecurity strategies include rigorous access controls, continuous monitoring, regular updates, and patches for administrative tools to mitigate risks. • Broader Perspective: While administrative software can be a significant risk factor, other elements like user education, overall system hygiene, and external threat landscape also play crucial roles in determining overall security posture. In essence, while the article raises valid concerns about administrative software as a potential cybersecurity risk, it should be viewed in the broader context of comprehensive cybersecurity management, where multiple factors contribute to organizational security.

If you have or are planning to have OAuth protected resources, you gotta check out this webinar I did last month. I cover some very crucial topics that will help you avoid vulnerabilities that most OAuth implementations have.

Microsoft 365 offers more than just productivity tools—it's a fortress for your data. Explore key insights into its security features and how they protect your business. Article here 👉

Security starts with access. New Veeam Data Platform v12.3 protects identity and access management with support for Microsoft Entra ID, powerful proactive threat analysis with Recon Scanner and Veeam Threat Hunter, and more. Read all about it >>