Attack Surface Management Archives - ShadowMap Digital Risk Management - Asset Inventory & Cyber Threat Intelligence - ShadowMap Mon, 03 Oct 2022 19:58:59 +0000 en-US hourly 1 https://wordpress.org/?v=6.8.3 https://shadowmap.com/wp-content/uploads/2019/07/favicon-50x50.png Attack Surface Management Archives - ShadowMap 32 32 Tracking SSO Integrations Across The Organization https://shadowmap.com/features/tracking-sso-integrations/ https://shadowmap.com/features/tracking-sso-integrations/#respond Mon, 03 Oct 2022 19:58:59 +0000 https://shadowmap.com/?p=4307 ShadowMap’s Attack Surface Management Product creates a real-time tracker of all SSO (Single Sign-On) Integrations across your organisations public footprint. A threat analysis report is generated to raise alerts for unauthorised shadow accounts and non-compliance with implementation best practices. Key Features of ShadowMap – Tracking SSO Integrations & Threat Analysis Report Compatibility with: Google Workspace, Azure […]

The post Tracking SSO Integrations Across The Organization appeared first on ShadowMap.

]]> ShadowMap’s Attack Surface Management Product creates a real-time tracker of all SSO (Single Sign-On) Integrations across your organisations public footprint. A threat analysis report is generated to raise alerts for unauthorised shadow accounts and non-compliance with implementation best practices.

ShadowMap Executive Cyber Protection Demo

ShadowMap – Tracking SSO Integrations

Key Features of ShadowMap – Tracking SSO Integrations & Threat Analysis Report

  • Compatibility with: Google Workspace, Azure AD, Office 365, Okta, Cloudflare Access, Duo Security, Auth0, Amazon Cognito, Idento IAM along with internal SAML / OAuth implementations.
  • Track account information behind each SSO Integration & Raise alerts for unauthorised shadow accounts.
  • Automated best-practice checks of the SSO implementations to raise alerts for any privacy or security issues.
  • Track Credentials Leaked on the Internet, Deep-Web & Dark-Web related to your SSO implementations.
  • Have our Cyber Threat Police Experts available on-demand to investigate, analyse and mitigate these critical risks.

Importance of Ensuring Secure SSO (Single Sign-On) Implementation

A recent study on risks associated with SSO (Single Sign-On) implementations found:

  • 25% of the S&P 500 and half of the top 20 most valuable public U.S companies have had at least one SSO credential for sale on the dark web in 2022.
  • Shared credentials were the most common attack vector used by hackers and responsible for nearly 50% of all cyber attacks.
  • Logon credentials are a major focus for external attackers (61% of data breaches involve credential data).
  • With the average enterprise using over 250 cloud apps, the prospect of employees remembering unique, strong passwords for each of them is simply impractical.
  • Brute force attacks accounted for 31% of all cyberattacks in 2021 and 89% of the organisations interviewed experienced phishing attacks over the past year.

Common Security Vulnerabilities in SSO (Single Sign-On) Implementations

  • XML injection Attacks
  • Timing or Expiration Based Attacks
  • Signature Spoofing and Exclusion Attacks
  • XXE and XSLT Attacks
  • SSO Implementation Bypass / Authentication Bypass Attacks
  • Access Token Misuse or Replay Attacks
  • Credential Leakage via Referrer Header
  • Client Secret Leakage
  • Credential Leakage via Page Content

The post Tracking SSO Integrations Across The Organization appeared first on ShadowMap.

]]> https://shadowmap.com/features/tracking-sso-integrations/feed/ 0