How to Investigate an OAuth Grant for Suspicious Activity or Overly Permissive Scopes | Cybersecurity


From a user’s perspective, OAuth works like magic. In just a few keystrokes, you can whisk through the account creation process and gain immediate access to whatever new app or integration you’re seeking. Unfortunately, few users understand the implications of the permissions they allow when they create a new OAuth grant, making it easy for malicious actors to manipulate employees into giving away unintended access to corporate environments. In one of the highest-profile examples, Pawn Storm’s attacks against the Democratic National Convention and others leveraged OAuth to target victims through social engineering.

Security and IT teams would be wise to establish a practice of programmatically reviewing new and existing OAuth grants to catch risky activity or overly permissive scopes. New SaaS security solutions are also emerging that can make this process easier.

Let’s take a look at some best practices for prioritizing and investigating your organization’s grants.

When should you investigate an OAuth grant?

Organizations approach OAuth grant reviews in a few different ways. Some opt to review new OAuth grants in real time, initiating a review any time a user…

Source thehackernews.com
