Abstract

In the rapidly evolving landscape of cloud computing, security remains a paramount concern, especially as attackers continuously refine their strategies to exploit vulnerabilities in widely used platforms like Azure. This session delves into the critical phase of initial access within the context of Azure cloud environments, offering attendees an in-depth exploration of sophisticated penetration techniques and how they can be identified and mitigated.

Participants will gain insights into three pivotal methods attackers use to gain a foothold in Azure-based systems: exploiting file upload mechanisms, leveraging Server-Side Template Injection (SSTI), and executing OS command injections. Each technique will be unpacked to reveal the underlying vulnerabilities, practical attack demonstrations, and effective defense strategies to fortify Azure deployments against such incursions.

This presentation is designed not only to shed light on the attackers' perspective but also to empower IT professionals, security analysts, and cloud architects with the knowledge and tools to enhance their Azure security posture. Through a blend of theoretical understanding and practical application, attendees will leave better equipped to anticipate, recognize, and counteract initial access attempts, thereby safeguarding their cloud environments against the evolving threats of the digital age.

Speaker

Pratik

Security Learner

Timing

Starts at Saturday February 17 2024, 05:30 PM. The sessions runs for 30 minutes.

Resources