Azure Cloud Attacks for Red and Blue Teams

More than 95 percent of Fortune 500 use Azure today! A huge number of organizations now use Azure AD as an Identity and Access Management platform using the hybrid cloud model. This makes it imperative to understand the risks associated with Azure as identities of users across an enterprise are authenticated using it. This hands-on training aims towards abusing Azure and a number of services offered by it. We will cover multiple complex attack lifecycle against a lab containing multiple live Azure tenants. You get one month access to a live Azure lab environment containing multiple tenants during and after the class. Non-exhaustive list of topics: Introduction to Azure AD Discovery and Recon of services and applications Enumeration Initial Access Attacks Enumeration post authentication Privilege Escalation Lateral Movement Persistence techniques Data Mining Defenses, Monitoring and Auditing Bypassing Defenses