Another professional from the Entra ID group shared this video and I'm subbed! Excellent video! As an aspiring Cybersecurity Analyst, I appreciated the multi-layered approach to conditional access, especially where the principle of Least Privilege was illustrated. Also found the Conditional Access for Zero Trust Framework exciting, particularly where he addressed the multiple exclusions by naming conventions thru 'personas'. Thanks for sharing! 👍
Amazing video Ru. Just a question about the VPNs, are you saying consumer VPNs are not evaluated or considered in location based CA policies? And so, in your UK example, if a user from the UK was connected to a VPN to access streaming video from the USA for example, they wouldn't be blocked by the CA policy? Hence the MDA policy requirement. Or are you saying a bad actor can use a VPN to appear to come from Ireland for example, when they are in fact in the far east and without the MDA policy would be able to sign in?🤕
Hey Matt, it's the latter. For example, if I have a CA policy that only allows Irish IPs, CA will accept IPs of VPNs, data centres, VPSs, etc, as long as their IP matches Irish geo data. Using MDA, you can refine it by saying "also block if the category - not just location - of the IP is XYZ".
Another professional from the Entra ID group shared this video and I'm subbed! Excellent video! As an aspiring Cybersecurity Analyst, I appreciated the multi-layered approach to conditional access, especially where the principle of Least Privilege was illustrated. Also found the Conditional Access for Zero Trust Framework exciting, particularly where he addressed the multiple exclusions by naming conventions thru 'personas'. Thanks for sharing! 👍
Amazing video. Very informative and captivating content.
Terrific video,
That is a high level security for Conditional access.
Thanks Sergio! Glad you found it useful
Really good video covering many common gaps
Glad it was helpful! Do let us know what you would like us to cover next.
@@threatscape Continuous Access evaluation (CAE) and Token protection please :)
Amazing video Ru. Just a question about the VPNs, are you saying consumer VPNs are not evaluated or considered in location based CA policies? And so, in your UK example, if a user from the UK was connected to a VPN to access streaming video from the USA for example, they wouldn't be blocked by the CA policy? Hence the MDA policy requirement. Or are you saying a bad actor can use a VPN to appear to come from Ireland for example, when they are in fact in the far east and without the MDA policy would be able to sign in?🤕
Hey Matt, it's the latter. For example, if I have a CA policy that only allows Irish IPs, CA will accept IPs of VPNs, data centres, VPSs, etc, as long as their IP matches Irish geo data. Using MDA, you can refine it by saying "also block if the category - not just location - of the IP is XYZ".
What if- Literally saved my sanity
The content is amazing expecti9nal the, but the background color that green background needs to be changed .we need new modern look