Skip to content

Digital Ruins SIM Portfolio

Conditional Access Policy

Digital Ruins SIM Portfolio

Home
About
Governance SIMs
Governance SIMs
- MFA Ghost
  MFA Ghost
- Shiny Trust Breach
  Shiny Trust Breach
- Trust Betrayal
  Trust Betrayal
- Human Failure Vector
  Human Failure Vector
  - Overview
MFA
MFA
- Conditional Access Policy
- MFA Reference Pack
Playbooks
Playbooks
- Audit Log Playbook

Conditional Access Policy (Extract)

Deny-by-default
Device compliance required (managed or attested)
High-risk sign-ins require phishing-resistant MFA
Exceptions reviewed with compensating controls and expiry