Our next-gen architecture is built to help you make sense of your ever-growing data. Watch a 4-min demo video!

Quick Start Security for Zoom

Zoom
Zoom icon

Out-of-the-Box Security For Zoom Includes:

Alerts - 8

Stay on top of Zoom key performance metrics. Keep everyone in the know with integration with Slack, PagerDuty and more.

A User Was Assigned A Privileged Role

This alert detects when a Zoom user was promoted to a privileged role. Impact Depends or the role, An adversary will want to add himself as an admin or a privileged user to get full access to the account resources such as users, meetings and data. Mitigation Validate this action has been approved. If it was not, revert changes and investigate further. MITRE Tactic: TA0004 MITRE Technique: T1548

New Meeting Passcode Required Disabled

This alert detects when meeting passcode requirement has been disabled from a user group. Impact Turning off the passcode requirement for new meetings can lead to unauthenticated access to meetings as well as other resources throughout the organizations account. Mitigation Validate this action has been approved. If it was not, revert changes and investigate further. MITRE Tactic: TA0005 MITRE Technique: T1562

Two Factor Authentication Disabled

This alert detects when the 2FA security setting has been disabled for your Zoom account. Impact An adversary could change this setting to gain access to other privileged accounts. Mitigation Validate this action has been approved. If it was not, revert changes and investigate further. MITRE Tactic: TA0006 MITRE Technique: T1556

Sign In Method Modified

This alert detects when the sign-in method has changed for your Zoom account. Impact An adversary might change the sign in method to disrupt day to day operations or use it to gain access to other privileged accounts. Mitigation Validate this action has been approved. If it was not, revert changes and investigate further. MITRE Tactic: TA0006 MITRE Technique: T1556

Sign In Requirements Changed

This alert detects a change in the sign-in requirements for your Zoom account. Impact An adversary might change the sign in requirements to disrupt day to day operations or use it to gain access to other privileged accounts. Mitigation Validate this action has been approved. If it was not, revert changes and investigate further. MITRE Tactic: TA0005 MITRE Technique: T1562

Automatic Sign Out Disabled

This alert detects when the setting - "automatically sign out external users after a specified period of time" has been disabled for your Zoom account. Impact Allowing guests and non SSO authenticated users to remain signed in to the organization's account can lead to unauthorized access to the zoom account's resources like meetings, calls and chats. Mitigation Validate this action has been approved. If it was not, revert changes and investigate further. MITRE Tactic: TA0005 MITRE Technique: T1562

All Meetings Secured With One Option Disabled

This alert detects when the setting - "require that all meetings are secured with one security option" has been disabled for your Zoom account.. Impact Potentially exposes new meetings to unauthorized guests and increases the risk of a compromise to your Zoom account and users data. Mitigation Validate this action has been approved. If it was not, revert changes and investigate further. MITRE Tactic: TA0005 MITRE Technique: T1562

Meeting Passcode Disabled

This alert detect when the meeting passcode requirement setting has been disabled from a user group. Impact Depends on the resource, please see the logs for more detail. Mitigation Validate this action has been approved. If it was not, revert changes and investigate further. MITRE Tactic: TA0009 MITRE Technique: T1125

Documentation

Learn more about Coralogix's out-of-the-box integration with Zoom in our documentation.

Read More
Schedule Demo