Blueprint: Build the Best in Cyber Defense
Are you a cyber defender looking to keep up on the newest tools, technology, and security concepts? Then BLUEPRINT is the podcast for you! Tune in to hear the latest in cyber defense and security operations from blue team leaders and experts. With a focus on learning, BLUEPRINT includes interviews with today’s top security practitioners defending the world’s most respected brands, and in-depth explanations on the newest technologies, protocols, and defensive tools. BLUEPRINT, is a podcast hosted by John Hubbard and brought to you by the SANS Institute. BLUEPRINT - your one-stop shop for taking your defense skills to the next level!
Blueprint: Build the Best in Cyber Defense
How Phishing Resistant Credentials Work with Mark Morowczynski and Tarek Dawoud
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
Mark Morowczynski returns for his 4th(!) time with his Microsoft coworker and identity and authentication expert Tarek Dawoud in this incredibly insightful conversation on the what, why, and how of phishing resistant credentials that YOU can implement right now!
This conversation covers:
- What makes MFA phishable?
- What phishing resistant credentials are and how they work
- The history and modern methods for phishing resistant credentials
- What attacks will be used once we move to phishing resistant credentials, and how to prevent and detect it
- How verified digital identities and corporate identification can help further reduce risk of help desk based attacks
- Shifting the culture to adopt a passwordless login
- Key logs to detect identity attacks
- Resources for learning KQL
Episode Links:
- Tarek Explains Phishing Resistant Authentication: https://www.youtube.com/watch?v=3wtwUh6iyxY
- Microsoft Digital Defense Report: https://www.microsoft.com/en-us/security/security-insider/intelligence-reports/microsoft-digital-defense-report-2024
- Nuance: https://www.nuance.com/index.html
- Book - The Definitive Guide to KQL: https://www.microsoftpressstore.com/store/definitive-guide-to-kql-using-kusto-query-language-9780138293383
- KQL Github Repo: github.com/kqlmspress
- Kusto Detective Agency: https://detective.kusto.io/
Contact, Courses, and More:
For feedback, reviews, guest pitches, or to get in contact with me for any other reason, head to blueprintpodcast.live!
Check out John's SOC Training Courses for SOC Analysts and Leaders:
- SEC450: SOC Analyst Training - Applied Skills for Cyber Defense Operations
- LDR551: Building and Leader Security Operations Centers
Follow and Connect with John: LinkedIn
