accent 1 accent 2
Cyber Attack Workshop

Cloud Imposter: Using SSO to Stage a SaaS Invasion

Thursday, 28 October | 11:00 am BST

Watch our attacker perform a sneaky spear-phishing attack to take over an admin’s account and impersonate high-profile users with a built-in SSO feature.

Our imposter will steal hundreds of sensitive HR docs from the company’s Google Workspace, create hidden backdoor links, and jump over to Box to exfiltrate customer contracts.

We’ll show you exactly how this attack is performed, then highlight how DatAdvantage Cloud makes it easier to see and prevent cross-cloud attacks.

It'll be recorded. So if you can't make it, register and we'll send you the replay.

+1 CPE

Register Now

How the attack works:

  • Pre-attack recon to figure out who will be an easy target
  • Bypass MFA using an advanced phishing technique
  • Export the org’s Google Workspace user list
  • Impersonate the VP of HR, access her Google Workspace, and steal employee data
  • Create hidden sharing links to external Gmail accounts as a backdoor
  • Take over a Box super admin account
  • Exfiltrate data using a custom public sharing URL

After the simulation, our Incident Response team will use DatAdvantage Cloud to show how our proactive policies and cross-cloud investigation features can detect and prevent this type of attack

James Dawson
James Dawson Engineer, Varonis

James Dawson works as a Solutions Engineer in the Southern Australian region. He has over 4 years of experience in the cybersecurity industry across APAC and EMEA and prior to that worked as a software developer.

All attendees will have a chance to win a £100 gift card of their choice! A few of the exciting choices include, but are not limited to...

nike logo-1

“The level of governance and insight provided by Varonis empowered our team to detect and respond to abnormalities as well as user activity and misconfigurations.”

Al Faella, CTO, Prospect Capital Management

Want to see Varonis in action?