Red Canary Office Hours: Episode 13 – The exploitation of SAP NetWeaver CVE-2025-31324
This week on Red Canary Office Hours, Keith breaks down the latest Ops Insight on the exploitation of SAP NetWeaver CVE-2025-31324.
He’s then joined by Sam Straka, Group Product Manager at Red Canary, for a deep dive into Conditional Access policies.
Resources mentioned in this episode:
Requests? Questions? Send us an email: officehours@redcanary.com
Join us every Tuesday at 1PM ET for fresh insights from the front lines and unfiltered takes on the biggest cybersecurity news and trends. Sign up now.
Timestamps:
- 00:05 – Welcome to Red Canary Office Hours
- 01:58 – Ops Insight: SAP NetWeaver CVE-2025-31324
- 05:37 – Conditional Access policies
- 07:40 – Why Conditional Access?
- 13:38 – Conditional Access: Entra ID vs. Okta
- 16:37 – 5 required Conditional Access policies
Related Resources
Red Canary Office Hours: Episode 25 – June 2025 top threats
Red Canary Office Hours: Episode 25 – June 2025 top threats
Intelligence Insights: July 2025
Intelligence Insights: July 2025
Red Canary Office Hours: Episode 24 – ClickFix technique continues to be popular among threat actors
Red Canary Office Hours: Episode 24 – ClickFix technique continues to be popular among threat actors
Red Canary Office Hours: Episode 23 – Beyond the firewall: Inside threat hunting & mobile attack trends (AMA)
Red Canary Office Hours: Episode 23 – Beyond the firewall: Inside threat hunting & mobile attack trends (AMA)