Ports that are open to the Internet, weak or reused passwords, and bad patching habits are some of the most common security holes that let hackers steal data This article explores said oauth. . Benoit said that security teams should try to "stop incidents before they happen."
Benoit didn't just say what went wrong and what people do wrong; she also said how to make things better. Benoit said, "Don't trust anything," whether it's people, processes, or vendors. "I would log in and see the same problems over and over again," she said. "Dumb Ways to Die" was playing in the background, which was also the name of the session.
People get mad when companies tell them they can't check their email on their personal devices. One mistake that needs more attention is not locking down OAuth consent for users.
People will sometimes click on bad links and phishing links, and attackers will win. To lower risks, it's important to set clear rules for protecting your identity.Microsoft's Benoit said of OAuth, "If you're not blocking it, they'll do it." "They should feel bad for making it," she said of Microsoft's advice to only let users give permission for apps that have been published by verified publishers.
Benoit warned, "It is definitely used in bad phishing campaigns." One way to deal with some of these worries is to build good relationships with developers. Being friends with the development team is "literally one of the best things" businesses can do to make their security programs better.
It may take time to build trust, but once you do, everyone on the team is responsible for security, and developers play a big role. Benoit said, "They won't work with you if you blame others." "They'll tell on their friends."
They will tell on themselves. There are more than 100,000 security experts on the website of the U.S. National Security Agency. Visit www.nsa.gov for more information.
