Blog post - Reducing your Office 365 attack surface — Part 1


Blog post - Reducing your Office 365 attack surface — Part 1

Being hackers at FalconForce, we are a bit paranoid by nature and by professional deformation. Every piece of IT we use (COTS or self-built), we aspire to make as secure and as hardened as possible. At FalconForce, we use Office365 for “day-to-day” office work and obviously, we tried configuring it as securely as possible.

Out of the box, Office 365 security is fairly good. I’m not aware of any public (serious) vulnerabilities in the past on the platform. However, also Microsoft has to make the trade-off between security and usability. And although I’m overall fairly happy with (almost) all choices they made for the general public, it wasn’t secure enough for us.

So early January, when we started FalconForce, I’ve set out to harden our Office 365 instance as much as we deemed fit. I was expecting to find plenty documentation, but was disappointed a bit. Although there was a lot of “guides” on hardening Office 365, most barely scratched the surface. Also, the official Microsoft documentation was nice, but not as elaborate as I hoped for. So I’ve documented all the changes we made to a vanilla Office 365 instance. Most of the changes are not direct mitigations of any security issue, but are aimed at attack surface reduction.

Cross post from, please read the full article here: