Quick Start Security for Zoom
Thank you!
We got your information.
Coralogix Extension For Zoom Includes:
Alerts - 8
Stay on top of Zoom key performance metrics. Keep everyone in the know with integration with Slack, PagerDuty and more.
A User Was Assigned A Privileged Role
This alert detects when a Zoom user was promoted to a privileged role. Impact Depends or the role, An adversary will want to add himself as an admin or a privileged user to get full access to the account resources such as users, meetings and data. Mitigation Validate this action has been approved. If it was not, revert changes and investigate further. MITRE Tactic: TA0004 MITRE Technique: T1548
New Meeting Passcode Required Disabled
This alert detects when meeting passcode requirement has been disabled from a user group. Impact Turning off the passcode requirement for new meetings can lead to unauthenticated access to meetings as well as other resources throughout the organizations account. Mitigation Validate this action has been approved. If it was not, revert changes and investigate further. MITRE Tactic: TA0005 MITRE Technique: T1562
Two Factor Authentication Disabled
This alert detects when the 2FA security setting has been disabled for your Zoom account. Impact An adversary could change this setting to gain access to other privileged accounts. Mitigation Validate this action has been approved. If it was not, revert changes and investigate further. MITRE Tactic: TA0006 MITRE Technique: T1556
Sign In Method Modified
This alert detects when the sign-in method has changed for your Zoom account. Impact An adversary might change the sign in method to disrupt day to day operations or use it to gain access to other privileged accounts. Mitigation Validate this action has been approved. If it was not, revert changes and investigate further. MITRE Tactic: TA0006 MITRE Technique: T1556
Sign In Requirements Changed
This alert detects a change in the sign-in requirements for your Zoom account. Impact An adversary might change the sign in requirements to disrupt day to day operations or use it to gain access to other privileged accounts. Mitigation Validate this action has been approved. If it was not, revert changes and investigate further. MITRE Tactic: TA0005 MITRE Technique: T1562
Automatic Sign Out Disabled
This alert detects when the setting - "automatically sign out external users after a specified period of time" has been disabled for your Zoom account. Impact Allowing guests and non SSO authenticated users to remain signed in to the organization's account can lead to unauthorized access to the zoom account's resources like meetings, calls and chats. Mitigation Validate this action has been approved. If it was not, revert changes and investigate further. MITRE Tactic: TA0005 MITRE Technique: T1562
All Meetings Secured With One Option Disabled
This alert detects when the setting - "require that all meetings are secured with one security option" has been disabled for your Zoom account.. Impact Potentially exposes new meetings to unauthorized guests and increases the risk of a compromise to your Zoom account and users data. Mitigation Validate this action has been approved. If it was not, revert changes and investigate further. MITRE Tactic: TA0005 MITRE Technique: T1562
Meeting Passcode Disabled
This alert detect when the meeting passcode requirement setting has been disabled from a user group. Impact Depends on the resource, please see the logs for more detail. Mitigation Validate this action has been approved. If it was not, revert changes and investigate further. MITRE Tactic: TA0009 MITRE Technique: T1125
Integration
Learn more about Coralogix's out-of-the-box integration with Zoom in our documentation.