• JIT Access

        • Self Service Secure Passwordless Authentication

        • JIT Policies

        • Effective Access Policy Control for your entire organization

        • PAM

        • Simplified Privileged Access Management for the cloud and onPrem

        • JIT Approvals

        • Secure Custom Non Repudiation Approvals Management

        • Healthcare

        • Learn how to completely secure the Healthcare environment.

        • Legacy Devices

        • Learn how to leverage our JIT platform to secure your legacy and IOT devices.

        • Vulnerability Mitigation

        • Discover how using JIT Access and PAM can prevent a variety of CVE’s and attacks.

        • Compliance

        • Learn more about how our audit and compliance tools can help you maintain compliance.

        • Passwordless

        • Going passwordless doesn’t have to be hard. Find out how we can get you up and running fast.

        • Protecting Users with Intent

        • Upgrade your security, reduce costs and empower your users by capturing intent.

Vulnerability Mitigation - Securing Entra and Outlook

In light of the emerging security issues, Microsoft is confronted with serious vulnerabilities in both its Outlook service (CVE-2023-23397) and Entra Active Directory (Azure AD). Discover how using JIT Access and PAM can prevent a variety of CVE’s and attacks.

Exploring the vulnerabilities

In light of the emerging security issues, Microsoft is confronted with serious vulnerabilities in both its Outlook service (CVE-2023-23397) and Entra Active Directory (Azure AD). Threat actors have exploited these vulnerabilities to carry out advanced cyber-attacks. This article delves into these vulnerabilities and how Next Level3 JIT Access and JIT Policies framework proactively mitigate these threats, leveraging Azure’s Protected Actions feature.

CVE-2023-23397 in Outlook

The CVE-2023-23397 vulnerability in Outlook presents a privilege escalation flaw that allows threat actors to steal NTLM hashes without any user interaction. By sending specially crafted emails, attackers can trigger a connection from the victim to an untrusted location under their control, leading to the leak of the victim's Net-NTLMv2 hash to an untrusted network.

Entra (Azure AD) Directory Flaw

Entra (Azure AD) carries a severe flaw that enables threat actors to install backdoors. This flaw also allows hackers to modify access rights, bypass multi-factor authentication, block admin access without appropriate logging, and collect data on policy configurations to facilitate future attacks.

How our JIT Identity solutions solve the problem

Next Level3’s security solutions are designed to address and prevent vulnerabilities such as CVE-2023-23397 and Azure AD flaw. They focus on three core areas: enhancing security protocols, improving existing infrastructure, and promoting a proactive approach to identifying and mitigating threats.

Layering Security Protocols

By layering security protocols, Next Level3's products effectively respond to different stages of an attack. They prevent unauthorized access and swiftly detect and neutralize threats before they cause significant damage. In the event that one system is breached, the other acts a backup preventing access.

Entra's Protected Actions

Next Level3 takes a proactive approach to threat mitigation, a part of which involves leveraging Entra's new Protected Actions feature. This feature improves Conditional Access by targeting individual high-risk actions in the Entra AD Portal, providing a defense-in-depth approach, and delivering optimized security for highly sensitive operations.

Enhancing Existing Systems

The products integrate seamlessly into existing infrastructures, which enhances their ability to detect and respond to threats. This means they can work with Entra AD's identity and access management service, enhancing their capabilities to resist any threats associated with its vulnerabilities.

Using Protected Actions

Protected Actions, when properly implemented, can effectively prevent privileged operations from being exploited, providing an additional layer of protection. The feature can be applied to specific user actions executed within the Azure AD portal, including those involving modifications to access rights and multi-factor authentication configurations.

How Protected Actions Work

The implementation of Entra’s Protected Actions feature follows a three-step process:

  1. Preparation
    This involves setting up ‘regular’ Conditional Access (CA) policies and migrating trusted IPs from the legacy MFA portal to ‘Named Locations’ in Entra (Azure AD).
  2. Configuration
    This step requires configuring Protected Actions and Conditional Access Rule, involving the creation of a new ‘Authentication Context’ and tagging the action with the Authentication Context.
  3. Administrator Experience and Logging
    This involves testing the behavior from the user who is included in the rule and has the ‘Conditional Access Administrator’ role. By using ‘Authentication Context’, ‘Protected Actions’, and ‘Conditional Access’, administrators can execute specific actions from a particular device or with a specific method.

Robust Defense

Next Level3’s products, combined with Entra’s new Protected Actions feature, form a robust defense mechanism to prevent the exploitation of vulnerabilities such as CVE-2023-23397 and the Entra AD flaw. These tools promote a proactive approach to security and offer comprehensive protection, ensuring the integrity and confidentiality of sensitive information and operations.

Automatic push attack aware protection without codes

Use your existing mobile or web FIDO2 supported devices

Why choose Next Level3?

Start Free Trial

JIT Access

Passwordless Identity seamlessly connected to your existing identity infrastructure.

JIT Policies

Redefine account control for your organization solving critical internal use cases.

JIT Approvals

Enable customized approvals for any application action preventing fraud and extending biometric protections into your application use cases.

Quick Links
Get In Touch

Patents and Patent Pending - © 2022 All Rights Reserved.

Privacy Preference Center

Consent Management

https:/privacy/

Required
This Privacy Policy describes Our policies and procedures on the collection, use and disclosure of Your information when You use the Service and tells You about Your privacy rights and how the law protects You. We use Your Personal data to provide and improve the Service. By using the Service, You agree to the collection and use of information in accordance with this Privacy Policy. We use Cookies and similar tracking technologies to track the activity on Our Service and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyze Our Service.

Necessary

These Cookies are essential to provide You with services available through the Website and to enable You to use some of its features. They help to authenticate users and prevent fraudulent use of user accounts. Without these Cookies, the services that You have asked for cannot be provided, and We only use these Cookies to provide You with those services. These Cookies allow us to remember choices You make when You use the Website, such as remembering your login details or language preference. The purpose of these Cookies is to provide You with a more personal experience and to avoid You having to re-enter your preferences every time You use the Website.

Cookies Used

Required
Session Cookies, Persistent Cookies, Flash Cookies

nextlevel3.com

Opt Out
nextlevel3.com

Advertising

Analytics

We use Cookies and similar tracking technologies to track the activity on Our Service and store certain information. Tracking technologies used are beacons, tags, and scripts to collect and track information and to improve and analyze Our Service.

Cookies Used

google-analytics.com

google-analytics.com

Opt Out
Web Beacons

Other

Scroll to Top