Service Principles in the Spotlight: Insights from Microsoft’s Security Experts
Senior Data Scientist Emily Yale and Senior Threat Hunt Analyst at Microsoft Chris Bukavich join Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Chris focuses on incident response, investigation, and detection of major incidents, while Emily works on developing and improving detections for Microsoft's internal security. Emily and Chris were co-presenters at this year's BlueHat conference. They discussed unmasking Azure-based adversaries with an emphasis on monitoring service principles, how their respective expertise in data science and cybersecurity contributed to the session, and the challenges of monitoring service principles in Azure. This concept has evolved from traditional service accounts. In This Episode You Will Learn: The importance of monitoring spikes in activity Criteria for identifying malicious behavior targeting service principles Historical context of service principles and their increasing relevance Some Questions We Ask: How can you proactively monitor and detect anomalies related to service principles? What challenges arise when profiling service principles based on past behavior? When can service principles be tied to user authentication? Resources: View Emily Yale on LinkedIn View Chris Bukavich on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.