Join us December 18th for our BloodHound Live: Monthly Release Recap! Register Now
training courses

Azure
Security Fundamentals

Explore All Upcoming

  • Sign Up For Training Updates

  • This field is for validation purposes and should be left unchanged.

introduction

Get Your Head in the Clouds!

Explore All Upcoming

Have you found yourself in a job role needing to attack or defend Azure architecture? Has your fast-paced organization moved to the cloud while leaving security to catch up? Azure: Security Fundamentals cuts through the fog of the cloud by building participants’ understanding of Azure’s infrastructure components, common architecture designs, and security controls in the context of the attacker lifecycle. Through hands-on labs, this course also teaches participants how to identify misconfigurations in Azure that are commonly leveraged by attackers. Participants should expect to walk away from Azure: Security Fundamentals with a strong foundation of Azure security knowledge and first step on their journey of attacking or defending corporate Azure environments.

Trainings
April 2 – 5, 2025 9:00am – 5:00pm ET   |   hybrid
Azure Security Fundamentals at SO-CON 2025
course summary

Azure Security Fundamentals

This course will teach participants the fundamentals of Azure, with a focus on security informed by attacker insight. Participants will build on this knowledge through an understanding of how Azure architectures, like solely cloud-based environments or hybridized on-premises and Azure environments, can affect the overall security of an environment. Participants reinforce what they learn through hands-on labs throughout the course and through guidance given by SpecterOps practitioners instructing the class.

  • Class Introduction
  • Azure Basics
  • Accounts and Identities
  • Roles
  • Groups
  • Function Apps
  • Microsoft 365
  • Virtual Machines
  • MS Graph
  • OAuth
  • Authentication Mechanisms
  • Credential and Identity Syncing Mechanisms
  • Conditional Access Policies
  • External Information Gathering
  • Credential Collection
  • Attack Lifecycle
Overview

Overview

Organizations are increasingly adopting cloud-based infrastructure for some or all of its corporate production network. Microsoft’s Azure provides organizations with the ability to deploy cloud hosts and services to augment or replace existing functionality. More cloud resources implemented means more cloud resources needing protecting, through defensive or offensive security, but understanding how these new technologies work and the nuances of securing them can quickly become complicated.

Azure Security Fundamentals aims to provide participants without previous Azure experience with a solid foundational understanding of Microsoft Azure, its common architectures, its authentication mechanisms, and how adversaries commonly attack Azure-based environments.

Training Participants

Who Should Take This Course
Participant Requirements
What Participants Should Bring
Participants Receive

Who Should Take This Course

Azure Security Fundamentals is intended for security professionals of any experience level looking to learn more about the foundations of Azure security and common attacks against it.

OUR ECOSYSTEM

See What Else We Have to Offer

Private Training

If a public offering of the training classes does not fit your busy schedule, our team of experts are available to provide a private training offering to your organization. This is by far the best way for your team to get one on one access to the instructors and solidify the material. We provide all training material as well as laptops and classroom locations if needed.

Private Trainings