Blackpoint Cyber expands cloud security with Identity Response for Azure AD

Blackpoint Cyber launched a brand-new Cloud Response feature, Identity Response for Azure AD.

In light of the surge in identity-based attacks, where threat actors exploit victims’ login credentials from compromised services or successful phishing campaigns, Blackpoint Cyber is taking a proactive approach to counter these threats. They have built a feature within Cloud Response: Identity Response for Azure AD. This feature amplifies the security of Microsoft environments and extends protection to third-party applications interconnected via Azure SSO authentication.

“Since the launch of Cloud Response last year, we were the first to monitor Microsoft 365 environments and provide true response on alerts. With Identity Response for Azure AD, we’re blazing another trail, as the only company to contextualize SSO logins to Azure and put them in front of the SOC for response,” said Xavier Salinas, CTO at Blackpoint. “In an era dominated by cloud operations, it’s undeniable that while it revolutionizes operations and boosts businesses, it also widens the scope for threats.”

Identity Response for Azure AD empowers the Blackpoint SOC to:

• Identify unauthorized access and discern if the login originated from Microsoft or an associated third-party service
• Recognize and take swift action against suspicious logins through Azure SSO
• Protects against attacks that deceive users into green-lighting malicious enterprise applications, inadvertently granting attackers access to an organization’s Microsoft assets

Identity Response for Azure AD provides Blackpoint partners with:

• Further visibility into vulnerabilities within their attack surface
• Increased knowledge of potential data exposure, allowing for faster remediation
• Added context for audit procedures and damage assessment endeavors

Salinas continued with an example of how this new product can protect users and companies, “In the recent sophisticated attack on MGM, the alleged compromise of a user’s SSO account allowed the adversary to access critical infrastructure, resulting in a reported revenue loss of around $2 billions.

By applying protection to SSO, it becomes possible to identify and respond to sophisticated attack chains utilized by threat actors whether technological or, in the alleged case of MGM, psychological.

Therefore, we will continue to forge the path for SSO protection, as this unmonitored attack surface continues to grow. Our partners can depend on our unwavering commitment to innovate, shielding, detecting, and counteracting threats in this evolving landscape.”

Identity Response for Azure AD is available through Cloud Response within their product bundle, Blackpoint Response. This suite of security products is aligned to proven security frameworks such as NIST. With this product bundle, businesses can employ a unified defense strategy against the myriad of cyberthreats across attack surfaces.