Azure Application Security

This training, Azure Application Security, is also available as a bootcamp and as an on-demand class.


Objective

This beginner-friendly class is for application security professionals, developers and cloud security professionals. Improve your understanding of Azure Cloud, Azure AD, the Authentication & Authorization process, Enterprise Apps, APIs, OAuth Permissions and more. Learn about Azure services used for deploying and running applications, such as App Services, Function Apps, Key Vaults, Storage Accounts, Databases, etc.

This hands-on class covers abusing application flaws/misconfiguration, features and interoperability to compromise an enterprise-like live lab environment. Each student gets a dedicated lab! As a bonus, there is a shared lab to practice with fellow students. The class also covers security controls useful in defending against the discussed attacks. The class will focus on methodology and techniques through instructor demos, exercises, and hands-on labs.

Course Content

Module 1

Introduction to Azure

Azure AD Resources

Recon and Enumeration

Azure RBAC & ABAC

Applications

App Services

App Services – Abuse

Module 2

Rest APIs in Azure

Authentication & Authorization

Tokens

Managed Identity

Azure Web Application Firewall

App Registrations

Enterprise Apps

Module 3

Illicit Consent Grant Attack (OAuth Phishing)

Abusing Misconfigured Enterprise Apps

Function Apps

Function Apps – Abuse

Key Vaults

Key Vaults – Abuse

Storage Accounts

Storage Accounts – Abuse

Module 4

Databases

Application Proxy

Azure API Management

API Security

Microsoft Defender for Cloud Apps

Microsoft Defender for Cloud

Actionable Defense

Who should take this course?
Application Security professionals, Developers, Red Teamers, Penetration Testers and Blue Teamers who would like to understand more about web application security and abuse in Azure.

Student Requirements
Basic understanding of Application Security and Azure is desired but not mandatory.

What students should bring
A system with 4 GB RAM and the ability to install an OpenVPN client and RDP to Windows boxes.

Privileges to disable/change any antivirus or firewall.

What students will be provided with
Attendees will get free one-month access to two labs (practice lab and attack lab) configured like an enterprise environment, during and after the training.
