This week on SysAdmin Weekly, Andy is joined by returning guest Paul Schnackenburg to dive headfirst into one of the most important (and overlooked) topics in modern IT: SaaS Security.From token theft and malicious OAuth apps to adversary-in-the-middle attacks and the harsh truth about identity becoming the new firewall, we unpack how attackers are adapting to the cloud-first world, and why most orgs are woefully unprepared.We explore:- The SaaS cyber kill chain from recon to persistence- Other real-world security incidents like CitrixBleed2 and the Fortinet hardcoded credentials fiasco- The dark art of malicious OAuth apps and shadow IT exploitation- Why EDR and XDR fall short in a SaaS world- What you can do *right now* to harden your defenses (Hint: MFA is not enough)This one’s loaded with insights and practical tips, don’t miss it!## Episode Resources ##- SysAdmin Weekly Companion Newsletter - AndyOnTech- Project Runspace- CitrixBleed 2- X Post re: Fortinet Hard-Coded Credentials- Paul's SaaS Cyber Kill Chain Article

Ver todos los episodios