accent 1 accent 2
CPE Webinar Replay

Incident Response Webinar: Attacking the Cloud and Transitioning On-Prem


Continuing our live attack simulation series, our incident response team is demonstrating a sly technique that infiltrates an O365 network, pivots on-prem to financial data, and transmits that data through gmail.

Our security analysts will give a brief tour of Varonis for Office 365, execute the attack from intrusion to privilege escalation to exfiltration, then show you how to use DatAlert to detect and respond.


Watch Now

In this webinar, we will...

  • Trick a user into entering creds into our fake O365 login page (made with evilginx)
  • Make Microsoft send a passcode to the user’s phone
  • See a user enter their passcode on OUR fake page
  • Hijack the user’s session token
  • Gain access to SharePoint Online environment
  • Exfiltrate data from O365
  • Pivot to on-prem and steal CEO’s emails (because why not?)
Chris Kelly
Chris Kelly Security Analyst, Varonis

Chris Kelly, GCIH is a security analyst on the Incident Response and Security Architecture team at Varonis. Chris has a security engineering background with a focus on incident response and endpoint forensics.

“The level of governance and insight provided by Varonis empowered our team to detect and respond to abnormalities as well as user activity and misconfigurations.”

Al Faella, CTO, Prospect Capital Management

Want to see Varonis in action?