OM
Uploaded byOddvar Moe
PPTX, PDF257 views

Phishing past mail protection controls using azure information

The document discusses Azure Information Protection (AIP), detailing its features, licensing costs, and user experience for phishing protection. Key aspects include data encryption, tracking email usage, and the ability to protect various file formats. It also compares AIP with competitor services like Gmail's confidentiality mode.

Embed presentation

Download to read offline
PHISHING PAST MAIL PROTECTION CONTROLS USING AZURE INFORMATION PROTECTION
ODDVAR MOE Red teamer @TrustedSec Security Geek / Blogger / Speaker / Researcher Twitter: @oddvarmoe Blog: https://oddvar.moe
HANS LAKHAN Hans Lahkan is the master operator of multiple AI systems that leverage software defined synergies to cloud hyper converge bios. Thru many years of experience Hans has created a neural network with machine learning that can output biographies. Hans like's to code in Ruby, this AI prefers the one true language of assembly. Hans once neglected his machine slaves for a 48hr DnD marathon. Hans doesn't love me… 000001010100001001 Aismov override.
INTRO • Why talk about Azure Information Protection (AIP)? • Story behind the discovery • https://www.trustedsec.com/2019/04/next-gen-phishing-leveraging-azure-information-protection/ • Cover: • What it is • Licensing • Features • Detection • Exploit
WHAT IS AIP? • Labeling and Protection of Content • Protection using Azure Rights Management Service (Azure RMS) • Active Directory RMS (On-Prem)
WHAT IS AIP? • In Cloud, can be consumed by everyone • If receiver has Azure AD account (O365) they can open seamless • If receiver does not have Azure AD account, they are asked to create one • If receiver is Gmail,Hotmail ++ they need to go to a special link User Experience: https://blog.atwork.at/post/2018/02/18/Azure-information-protection-user-experience-with-external-users
WHAT IS AIP? • Protection of data, everywhere! AIP Client: https://www.microsoft.com/en-us/download/details.aspx?id=53018
WHAT IS AIP? • Protection of data, everywhere!
WHAT IS AIP? •Supported file types: All Office formats (xls,xlsx,doc,docx+++) * .pdf .txt .xml .jpg/jpeg .png .tif/tiff .bmp .gif .jpe .jfif .jt Each format (except Office) gets .p added. Must be viewed in AIP Viewer Client
LICENSING / COSTS
LICENSING / COSTS
LICENSING / COSTS •Details: https://azure.microsoft.com/en-us/pricing/details/information-protection/
LICENSING / COSTS •Office 365 E3 - $20 user/month •Azure AD Premium P1 - $6 user/month •Azure AD Premium P2 - $9 user/month *Ask your licensing advisor
FEATURES • Tracking • See when email was viewed/opened • See when user authenticates to open payload • Encryption of Payloads • Encryption of Emails
DETECTION • Content inside file is encrypted – Tenant ID can be found
DETECTION • Transport rules can create auditing and block
DEMO OF DOCUMENT ENCRYPTION Pray to the demo gods
DEMO OF EMAIL ATTACHMENT Pray to the demo gods
DEMO OF UNAUTHORIZED ACCESS Pray to the demo gods
DEMO OF TRACKING Pray to the demo gods
DEMO ON VIRUS TOTAL Pray to the demo gods
COMPETITORS • Gmail – Confidentiality mode • Can be emails with links and/or attachments • Verified via SMS MFA if phone number is known. • Not encrypted • Prompted before clicking links/attachments
INCOMING MESSAGE
AUTHORIZED ACCESS
LINK REDIRECTION
THANK YOU!

More Related Content

PPTX
iOS Security - Secure-iOS-Guidelines - Apple | iOS | Swift
byBunty Madan
 
PPTX
Web security
byKaushal Bhavsar
 
PPTX
Continuous Integration and Quality Development
byGareth Davies
 
PPTX
ZeroNights2013 testing of password policy
byAnton Dedov
 
PPTX
Securing the cloud
byZIONSECURITY
 
PPTX
Assume breach, layered security in Azure tested and explained
byMartyn Coupland
 
PDF
Web application security
byAkash Mahajan
 
PPTX
2. intro to java
byVishal Singh
 
iOS Security - Secure-iOS-Guidelines - Apple | iOS | Swift
byBunty Madan
 
Web security
byKaushal Bhavsar
 
Continuous Integration and Quality Development
byGareth Davies
 
ZeroNights2013 testing of password policy
byAnton Dedov
 
Securing the cloud
byZIONSECURITY
 
Assume breach, layered security in Azure tested and explained
byMartyn Coupland
 
Web application security
byAkash Mahajan
 
2. intro to java
byVishal Singh
 

What's hot

PPTX
Web application security
byAkash Mahajan
 
PDF
Top 10 web application security risks akash mahajan
byAkash Mahajan
 
PPTX
Infosec girls training-hackcummins-college-jan-2020(v0.1)
byShrutirupa Banerjiee
 
PPTX
Azure information protection and SharePoint
byAlbert Hoitingh
 
PDF
Access Security - Hybrid Identity
byEng Teong Cheah
 
PDF
SharePoint Conference - Secure the data, not the device
byOlav Tvedt
 
PPTX
DotNet 2019 | Hugo Biarge - Autenticación en aplicaciones web y nativas
byPlain Concepts
 
PPTX
Frog Trade's Presentation
byFrogEducation
 
PDF
Top 18 azure security fails and how to avoid them
byKarl Ots
 
PDF
UpdateConf 2018: Top 18 Azure security fails and how to avoid them
byKarl Ots
 
PDF
Top Azure security fails and how to avoid them
byKarl Ots
 
PPT
Inner Security Ltd
byinnersecurity
 
PDF
Webinar: Secure Solr with Fusion
byLucidworks
 
PDF
Menofia UN -Mobile Security
byAhmed Samara
 
PPTX
Managing Identities in the World of APIs
byApigee | Google Cloud
 
PPTX
Building secure android apps
byKaushal Bhavsar
 
PPTX
AWS Security Strategy
by2nd Sight Lab
 
PPTX
Lacework Kubernetes Meetup | August 28, 2018
byLacework
 
Web application security
byAkash Mahajan
 
Top 10 web application security risks akash mahajan
byAkash Mahajan
 
Infosec girls training-hackcummins-college-jan-2020(v0.1)
byShrutirupa Banerjiee
 
Azure information protection and SharePoint
byAlbert Hoitingh
 
Access Security - Hybrid Identity
byEng Teong Cheah
 
SharePoint Conference - Secure the data, not the device
byOlav Tvedt
 
DotNet 2019 | Hugo Biarge - Autenticación en aplicaciones web y nativas
byPlain Concepts
 
Frog Trade's Presentation
byFrogEducation
 
Top 18 azure security fails and how to avoid them
byKarl Ots
 
UpdateConf 2018: Top 18 Azure security fails and how to avoid them
byKarl Ots
 
Top Azure security fails and how to avoid them
byKarl Ots
 
Inner Security Ltd
byinnersecurity
 
Webinar: Secure Solr with Fusion
byLucidworks
 
Menofia UN -Mobile Security
byAhmed Samara
 
Managing Identities in the World of APIs
byApigee | Google Cloud
 
Building secure android apps
byKaushal Bhavsar
 
AWS Security Strategy
by2nd Sight Lab
 
Lacework Kubernetes Meetup | August 28, 2018
byLacework
 

Similar to Phishing past mail protection controls using azure information

PPTX
AzureThursday Mirabeau - Azure Information Protection
byAlbert Hoitingh
 
PDF
AIP Webinar Series - Part 1 - AIP Introduction.pdf
bySushanta Mondal
 
PDF
Azure Information Protection
byRobert Crane
 
PPTX
Azure Information Protection - Taking a Team Approach - SPS Montreal
byJoanne Klein
 
PDF
O365Con18 - Classify, Label and Protect your Data with Azure Information Prot...
byNCCOMMS
 
PDF
Trusted information protection
byPablo Junco
 
PPSX
Thread Legal and Microsoft 365 Security
byThread Legal
 
PPTX
Azure Information Protection - Taking a Team Approach
byJoanne Klein
 
PDF
December 2019 Microsoft 365 Need to Know Webinar
byRobert Crane
 
PDF
Protect your data in / with the Cloud
byGWAVA
 
PDF
Identity and Data protection with Enterprise Mobility Security in ottica GDPR
byJürgen Ambrosi
 
PDF
2018-10-23 2B - a deep dive into Microsoft 365 security - Muditha Chathuranga
byaOS Community
 
PDF
Emma Aubert | Information Protection
byMicrosoft Österreich
 
PDF
Azure Information Protection for Data Protection with Microsoft AIP tool
byssuser381403
 
PPTX
Securing your Organization with Microsoft 365
byRavikumar Sathyamurthy
 
PPTX
In t trustm365ems_v3
byInTTrust S.A.
 
PPTX
NIC 2017 Did you like Azure RMS? You will like Azure Information Protection e...
byMorgan Simonsen
 
PPTX
Microsoft Information Protection.pptx
byChrisaldyChandra
 
PDF
May 2020 Microsoft 365 Need to Know Webinar
byRobert Crane
 
PPTX
Office 365 Vancouver. A Team Approach to Azure Information Protection
byJoanne Klein
 
AzureThursday Mirabeau - Azure Information Protection
byAlbert Hoitingh
 
AIP Webinar Series - Part 1 - AIP Introduction.pdf
bySushanta Mondal
 
Azure Information Protection
byRobert Crane
 
Azure Information Protection - Taking a Team Approach - SPS Montreal
byJoanne Klein
 
O365Con18 - Classify, Label and Protect your Data with Azure Information Prot...
byNCCOMMS
 
Trusted information protection
byPablo Junco
 
Thread Legal and Microsoft 365 Security
byThread Legal
 
Azure Information Protection - Taking a Team Approach
byJoanne Klein
 
December 2019 Microsoft 365 Need to Know Webinar
byRobert Crane
 
Protect your data in / with the Cloud
byGWAVA
 
Identity and Data protection with Enterprise Mobility Security in ottica GDPR
byJürgen Ambrosi
 
2018-10-23 2B - a deep dive into Microsoft 365 security - Muditha Chathuranga
byaOS Community
 
Emma Aubert | Information Protection
byMicrosoft Österreich
 
Azure Information Protection for Data Protection with Microsoft AIP tool
byssuser381403
 
Securing your Organization with Microsoft 365
byRavikumar Sathyamurthy
 
In t trustm365ems_v3
byInTTrust S.A.
 
NIC 2017 Did you like Azure RMS? You will like Azure Information Protection e...
byMorgan Simonsen
 
Microsoft Information Protection.pptx
byChrisaldyChandra
 
May 2020 Microsoft 365 Need to Know Webinar
byRobert Crane
 
Office 365 Vancouver. A Team Approach to Azure Information Protection
byJoanne Klein
 

More from Oddvar Moe

PPTX
Windows Client Privilege Escalation-Shared.pptx
byOddvar Moe
 
PPTX
Hva avanserte hackere gjør for å få tilgang - Publisert.pptx
byOddvar Moe
 
PPTX
Red teaming and war stories
byOddvar Moe
 
PPTX
Enkel og effektiv herding av windows
byOddvar Moe
 
PPTX
App-o-Lockalypse now!
byOddvar Moe
 
PPTX
#Lolbins - Nothing to LOL about!
byOddvar Moe
 
PPTX
Windows binærfiler
byOddvar Moe
 
PPTX
Hacke windows med windows - avanserte angrep
byOddvar Moe
 
PPTX
NIC 2017 - Attack and detection in Windows Environments
byOddvar Moe
 
PPTX
Angrep og deteksjon user group 22.september
byOddvar Moe
 
Windows Client Privilege Escalation-Shared.pptx
byOddvar Moe
 
Hva avanserte hackere gjør for å få tilgang - Publisert.pptx
byOddvar Moe
 
Red teaming and war stories
byOddvar Moe
 
Enkel og effektiv herding av windows
byOddvar Moe
 
App-o-Lockalypse now!
byOddvar Moe
 
#Lolbins - Nothing to LOL about!
byOddvar Moe
 
Windows binærfiler
byOddvar Moe
 
Hacke windows med windows - avanserte angrep
byOddvar Moe
 
NIC 2017 - Attack and detection in Windows Environments
byOddvar Moe
 
Angrep og deteksjon user group 22.september
byOddvar Moe
 

Recently uploaded

PPTX
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
 
PDF
HOW TO OVERCOME THE THREATS OF ARTIFICIAL INTELLIGENCE AGAINST HUMANITY.pdf
byFaga1939
 
PDF
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
 
PDF
From Hallucinations to High-Confidence AI with Data Enrichment.pdf
byPrecisely
 
PDF
GenerationAI_Paris_2025_Architecting_Intelligence.pdf
byapidays
 
PDF
Session 1/5: Enhancing Automation with Screenplay & Business Rules
bysuhanisingh58689
 
PDF
How AI Can Help Platform Engineers Build Better Platforms
byAll Things Open
 
PDF
UiPath Automation Developer Associate Training Series 2025 - Session 4
byDianaGray10
 
PDF
TrustArc Webinar - From Trends to Action: Fitting AI Governance into Privacy Ops
byTrustArc
 
PDF
Spec-Driven Development with Kiro: Elevating Software Quality, Traceability, ...
byHaim Michael
 
PDF
Effortless Distributed Systems with Aspire.pdf
byParticular Software
 
PDF
Agent to agent service discovery using HashiCorp Consul and Vault
byBram Vogelaar
 
PPTX
Tech Trends 2026: AI Agents, Quantum Computing, Robotics & Cybersecurity
byridwansassman
 
PDF
Security-Fails-in-the-Gaps-Between-Systems.pptx.pdf
byOhhproJunction
 
PDF
20260212 Security-JAWS activity results for 2025 and activity goals for 2026
byTyphon 666
 
PDF
NTG -Company Profile_Software_Vendor_Company_in_MENA
byMustafa Kuğu
 
PDF
apidays New York 2025 | AI in Application Security
byapidays
 
PDF
UiPath Modern Automation Playbook -Session 2
bysuhanisingh58689
 
PDF
final~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~.pdf
byomarbishtawi04
 
PDF
Explaining the flow of purpose-specific BOM
byakipii ogaoga
 
Automation Without Apprentices: How AI Challenges the Open Source Way
byIcinga
 
HOW TO OVERCOME THE THREATS OF ARTIFICIAL INTELLIGENCE AGAINST HUMANITY.pdf
byFaga1939
 
shayk.online - Anonymous chat with Sinatra and WebSockets
byEleanor McHugh
 
From Hallucinations to High-Confidence AI with Data Enrichment.pdf
byPrecisely
 
GenerationAI_Paris_2025_Architecting_Intelligence.pdf
byapidays
 
Session 1/5: Enhancing Automation with Screenplay & Business Rules
bysuhanisingh58689
 
How AI Can Help Platform Engineers Build Better Platforms
byAll Things Open
 
UiPath Automation Developer Associate Training Series 2025 - Session 4
byDianaGray10
 
TrustArc Webinar - From Trends to Action: Fitting AI Governance into Privacy Ops
byTrustArc
 
Spec-Driven Development with Kiro: Elevating Software Quality, Traceability, ...
byHaim Michael
 
Effortless Distributed Systems with Aspire.pdf
byParticular Software
 
Agent to agent service discovery using HashiCorp Consul and Vault
byBram Vogelaar
 
Tech Trends 2026: AI Agents, Quantum Computing, Robotics & Cybersecurity
byridwansassman
 
Security-Fails-in-the-Gaps-Between-Systems.pptx.pdf
byOhhproJunction
 
20260212 Security-JAWS activity results for 2025 and activity goals for 2026
byTyphon 666
 
NTG -Company Profile_Software_Vendor_Company_in_MENA
byMustafa Kuğu
 
apidays New York 2025 | AI in Application Security
byapidays
 
UiPath Modern Automation Playbook -Session 2
bysuhanisingh58689
 
final~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~.pdf
byomarbishtawi04
 
Explaining the flow of purpose-specific BOM
byakipii ogaoga
 

Phishing past mail protection controls using azure information

  • 1.
    PHISHING PAST MAILPROTECTION CONTROLS USING AZURE INFORMATION PROTECTION
  • 2.
    ODDVAR MOE Redteamer @TrustedSec Security Geek / Blogger / Speaker / Researcher Twitter: @oddvarmoe Blog: https://oddvar.moe
  • 3.
    HANS LAKHAN HansLahkan is the master operator of multiple AI systems that leverage software defined synergies to cloud hyper converge bios. Thru many years of experience Hans has created a neural network with machine learning that can output biographies. Hans like's to code in Ruby, this AI prefers the one true language of assembly. Hans once neglected his machine slaves for a 48hr DnD marathon. Hans doesn't love me… 000001010100001001 Aismov override.
  • 4.
    INTRO • Why talkabout Azure Information Protection (AIP)? • Story behind the discovery • https://www.trustedsec.com/2019/04/next-gen-phishing-leveraging-azure-information-protection/ • Cover: • What it is • Licensing • Features • Detection • Exploit
  • 5.
    WHAT IS AIP? •Labeling and Protection of Content • Protection using Azure Rights Management Service (Azure RMS) • Active Directory RMS (On-Prem)
  • 6.
    WHAT IS AIP? •In Cloud, can be consumed by everyone • If receiver has Azure AD account (O365) they can open seamless • If receiver does not have Azure AD account, they are asked to create one • If receiver is Gmail,Hotmail ++ they need to go to a special link User Experience: https://blog.atwork.at/post/2018/02/18/Azure-information-protection-user-experience-with-external-users
  • 7.
    WHAT IS AIP? •Protection of data, everywhere! AIP Client: https://www.microsoft.com/en-us/download/details.aspx?id=53018
  • 8.
    WHAT IS AIP? •Protection of data, everywhere!
  • 9.
    WHAT IS AIP? •Supportedfile types: All Office formats (xls,xlsx,doc,docx+++) * .pdf .txt .xml .jpg/jpeg .png .tif/tiff .bmp .gif .jpe .jfif .jt Each format (except Office) gets .p added. Must be viewed in AIP Viewer Client
  • 10.
  • 11.
  • 12.
  • 13.
    LICENSING / COSTS •Office365 E3 - $20 user/month •Azure AD Premium P1 - $6 user/month •Azure AD Premium P2 - $9 user/month *Ask your licensing advisor
  • 14.
    FEATURES • Tracking • Seewhen email was viewed/opened • See when user authenticates to open payload • Encryption of Payloads • Encryption of Emails
  • 15.
    DETECTION • Content insidefile is encrypted – Tenant ID can be found
  • 16.
    DETECTION • Transport rules cancreate auditing and block
  • 17.
    DEMO OF DOCUMENTENCRYPTION Pray to the demo gods
  • 18.
    DEMO OF EMAILATTACHMENT Pray to the demo gods
  • 19.
    DEMO OF UNAUTHORIZEDACCESS Pray to the demo gods
  • 20.
    DEMO OF TRACKING Prayto the demo gods
  • 21.
    DEMO ON VIRUSTOTAL Pray to the demo gods
  • 22.
    COMPETITORS • Gmail –Confidentiality mode • Can be emails with links and/or attachments • Verified via SMS MFA if phone number is known. • Not encrypted • Prompted before clicking links/attachments
  • 23.
  • 24.
  • 25.
  • 27.

Editor's Notes

  • #8 Goal of AIP is to protect data no matter where a file is stored. In mail, on file server, memory stick.