Comments
@caraher 5 months ago
Nice demonstration, good topic
@CloudGuardAI 4 months ago
Glad you liked it!
@LelioCosta 5 months ago
Thanks for sharing this
@CloudGuardAI 4 months ago
no problem! more to come!
@Grunfeld 6 months ago
Thanks for the video. At work I authenticate my login to their Microsoft software using a number generated by my Yubikey and my phone. This feels the same level as in your Alice scenario. At home I physically insert the key into my laptop; this feels more like your Bob scenario. Have I understood that right?
@CloudGuardAI 6 months ago
So essentially you're using the Yubikey app on your phone to generate OTPs (one-time passcodes), and it is similar to the OTP numbers you get generated in the Microsoft Authenticator app, or any other common authentication applications such as Google Authenticator or Authy. The weakness with OTP is that there are no built-in checks performed with this method of MFA to validate that the target domain you're entering your credentials into is legitimate. One thing to bear in mind is that if you're using the Yubikey application on your laptop to generate OTPs you will still be asked to insert your Yubikey to access and unlock the key; however, it's not using WebAuthn or FIDO2. If you currently use the cycling codes in the Yubico Authenticator app on your laptop to log in with, then it won't be using FIDO2, meaning it's unfortunately still subject to the AiTM attack as you saw in Alice's scenario. Microsoft supports FIDO2 with Yubikeys, so you would just need to register your Yubikey as a FIDO2 device and add this as your preferred method of authentication. Depending on your or your workplace's setup, they may not allow this by default, so you would need to ask them to enable FIDO2 authentication for you, and you can then register it. We hope that helps!
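Added example, not part of the comment thread or the video: a server-side view of the difference described in the reply above. A TOTP check takes only the shared secret and the time, while a WebAuthn relying party also checks the origin and RP ID that the browser recorded. The domains, challenge and function names are constructed for illustration, and verification of the authenticator's signature over these fields is assumed to happen separately.

```python
import base64, hashlib, hmac, json, struct

def totp(secret: bytes, now: int, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1). The only inputs are the secret and the time."""
    mac = hmac.new(secret, struct.pack(">Q", now // step), hashlib.sha1).digest()
    off = mac[-1] & 0x0F
    val = struct.unpack(">I", mac[off:off + 4])[0] & 0x7FFFFFFF
    return str(val % 10 ** digits).zfill(digits)

def verify_totp(secret: bytes, code: str, now: int) -> bool:
    # Nothing in the code tells the server which site the user typed it into.
    return hmac.compare_digest(totp(secret, now), code)

def b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def check_webauthn_binding(client_data_json: bytes, auth_data: bytes,
                           challenge: bytes, origin: str, rp_id: str) -> list:
    """Return the reasons to reject; an empty list means the binding checks pass."""
    cd = json.loads(client_data_json)
    problems = []
    if cd.get("type") != "webauthn.get":
        problems.append("wrong type")
    if cd.get("challenge") != b64url(challenge):
        problems.append("challenge mismatch")
    if cd.get("origin") != origin:
        problems.append("origin mismatch: " + str(cd.get("origin")))
    if auth_data[:32] != hashlib.sha256(rp_id.encode()).digest():
        problems.append("rpIdHash mismatch")
    return problems

def browser_assertion(page_origin: str, page_rp_id: str, challenge: bytes):
    """Constructed stand-in for the fields a browser fills in from the page it is on."""
    cd = json.dumps({"type": "webauthn.get", "challenge": b64url(challenge),
                     "origin": page_origin}).encode()
    # authenticatorData layout: rpIdHash (32) | flags (1) | signCount (4)
    auth_data = hashlib.sha256(page_rp_id.encode()).digest() + b"\x05" + bytes(4)
    return cd, auth_data

if __name__ == "__main__":
    secret, ch = b"12345678901234567890", b"constructed-challenge"
    print("OTP accepted:", verify_totp(secret, totp(secret, 59), 59))
    for o, r in [("https://login.example.com", "example.com"),
                 ("https://login.example-sso.test", "example-sso.test")]:
        cd, ad = browser_assertion(o, r, ch)
        print(o, "->", check_webauthn_binding(
            cd, ad, ch, "https://login.example.com", "example.com") or "ok")
```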
@Grunfeld 6 months ago
@CloudGuardAI Thank you for the reply and the suggestion to enable FIDO2. I shall learn how to do this (lol, I'll likely end up looking on KZbin!) 🙂
@CloudGuardAI 5 months ago
We've taken your feedback on board and hope to make a video on it soon. :)