Title: Office 365 from a hacker's perspective: real-life threats, tactics, and remedies

Office 365 environments are very attractive targets for attackers. So, it's never been more important to understand how its security structure works, and how to best configure it.

In this in-depth session, we'll run through real-time attack scenarios and examine common attack vectors. And then we'll explore the various defense capabilities of Office 365, the MS Graph API, and Azure AD. We'll deep-dive into external sharing, authentication options, third-party application security (what apps should and shouldn't be able to do), and even some do's and don'ts regarding Azure AD endpoints and authorization mechanisms.

You'll walk away with a solid understanding of how to use the Office 365 defense tools at your disposal, such as the Attack Simulator and Threat Intelligence, as well as how they relate to real-world attacks.

Speaker Bio

Ben Menesi is equal parts Certified Ethical Hacker, SharePoint, and IBM Notes developer, Exchange, and Domino administrator, and international speaker on all things collab-tech and cybersecurity—addressing audiences in 15 countries over the past decade (including various SPS events). He built experience working for several enterprise-level Microsoft and IBM customers before, in 2011, joining Ytria.

When he's not hard at work with R&D and product management as Ytria's Head of Product, he likes to geek out on the latest trends in cybersecurity, take on security risk assessment and penetration testing projects, and dabble in various cryptographic challenges, especially deep-diving into authentication protocols.

Schedule

Lunch is served at 11:15

Announcements and Presentation begins at 11:30