introduction
Get Your Head in the Clouds!
Before you can emulate or defend against the tactics of an adversary operating in Azure, first you must understand their perspective. How do premiere security operators view Azure’s infrastructure components, common architecture designs, and security controls? Through hands-on labs, this course teaches participants how to identify misconfigurations in Azure that are commonly leveraged by attackers. Participants should expect to walk away from Adversary Perspectives: Azure with a strong foundation of Azure security knowledge and first step on their journey of attacking or defending corporate Azure and Entra (Azure AD) environments.
course summary
Adversary Perspectives: Azure
Adversary Perspectives: Azure is the first installment in the SpecterOps Adversary Perspectives series. Known for our Adversary Tactics courses, we realized that there is often a gap of understanding that needs to be bridged before a practitioner is ready to start taking offensive or defensive actions in a particular environment. While other courses aim to simply build basic knowledge from a general user standpoint, this Adversary Perspectives class looks to teach security professionals from the viewpoint of an attacker. Don’t just look at your security posture in Azure, actually understand the abuse mechanisms and holistic security of your deployment.
Participants will build on this knowledge through an understanding of how Azure architectures, like solely cloud-based environments or hybridized on-premises and Azure environments, can affect the overall security of an environment. Throughout the course, participants will reinforce what they learn through hands-on labs and instruction given by SpecterOps practitioners.
Day 1
- Class Introduction
- Azure Basics
- Accounts and Identities
- Roles
- Groups
Day 2
- Function Apps
- Microsoft 365
- Virtual Machines
- MS Graph
Day 3
- OAuth
- Authentication Mechanisms
- Credential and Identity Syncing Mechanisms
Day 4
- Conditional Access Policies
- External Information Gathering
- Credential Collection
- Attack Lifecycle
Overview
Organizations have their heads in the clouds, or at least their infrastructure. Gone are the days of on-prem domain controllers and Exchange servers. Microsoft’s Azure provides organizations with the ability to deploy cloud hosts and services to augment, or in some cases, replace existing functionality completely. All of these new cloud assets need protection, both through traditional defensive security measures, and offensive security assessments. For new and veteran security professionals alike, understanding how these new technologies work and the nuances of securing them can quickly become complicated.
Adversary Perspectives: Azure aims to provide participants without previous Azure experience with a solid understanding of how attackers look at Microsoft Azure, its authentication mechanisms, and how they commonly attack Azure-based environments.
Training Participants
Who Should Take This Course
Azure Security Fundamentals is intended for security professionals of any experience level looking to learn more about the foundations of Azure security and common attacks against it.
OUR ECOSYSTEM
See What Else We Have to Offer
Private Training
If a public offering of the training classes does not fit your busy schedule, our team of experts are available to provide a private training offering to your organization. This is by far the best way for your team to get one on one access to the instructors and solidify the material. We provide all training material as well as laptops and classroom locations if needed.
SO Con Register
Sign up for SO-CON updates for the latest information: