Replies: 1 comment 1 reply
-
|
Definitely agree it would be excellent to add this type of information over time. Agree that so much will be app-specific though and might be overwhelming. I'm not sure where the best place to start is though. Perhaps guidance that affects lots of SaaS apps, such as around OAuth integrations and logs? |
Beta Was this translation helpful? Give feedback.
-
|
Yeah there are some blog posts on IR and OAuth, perhaps a first step is to add that as a ref for all the OAuth related techniques? I guess another idea would be to just put an "Indicators" or similar in the examples - as those are already app-specific. Maybe someone else has a good idea. |
Beta Was this translation helpful? Give feedback.
-
Few folks have suggested we add something for defenders - so perhaps so info on how to detect these attacks, and info for IR teams.
I think this would be mega useful.
It feels like guidance for IR teams may be something we can do more generically than detection which will be very app-specific in most cases, thoughts?
Beta Was this translation helpful? Give feedback.
All reactions