How Phishing Resistant Credentials Work with Mark Morowczynski and Tarek Dawoud

Click here to send us your ideas and feedback on Blueprint! Mark Morowczynski returns for his 4th(!) time with his Microsoft coworker and identity and authentication expert Tarek Dawoud in this incredibly insightful conversation on the what, why, and how of  phishing resistant credentials that YOU can implement right now!   This conversation covers:What makes MFA phishable?What phishing resistant credentials are and how they workThe history and modern methods for phishing resistant credentialsWhat attacks will be used once we move to phishing resistant credentials, and how to prevent and detect itHow verified digital identities and corporate identification can help further reduce risk of help desk based attacksShifting the culture to adopt a passwordless loginKey logs to detect identity attacksResources for learning KQL Episode Links:Tarek Explains Phishing Resistant Authentication: https://www.youtube.com/watch?v=3wtwUh6iyxYMicrosoft Digital Defense Report: https://www.microsoft.com/en-us/security/security-insider/intelligence-reports/microsoft-digital-defense-report-2024Nuance: https://www.nuance.com/index.htmlBook - The Definitive Guide to KQL: https://www.microsoftpressstore.com/store/definitive-guide-to-kql-using-kusto-query-language-9780138293383 KQL Github Repo: github.com/kqlmspress Kusto Detective Agency: https://detective.kusto.io/ Connect with John: - LinkedIn - Take A Training Course with John SOC Analyst and Leadership Training Courses: - SEC450: Blue Team Fundamentals - Security Operations and Analysis - LDR551: Building and Leading Security Operations Centers SANS: - Cyber Defense Course List - Upcoming Training Events - Free tools, VMs, cheat sheets and more for cyber defenders