Sergey Chubarov – Offensive Azure Security – YouTube

These days, working with a cloud platform is already commonplace. Companies choose Microsoft Azure for a number of benefits, including security. But there are some responsibility on the customer side and that’s may become weakest link in the chain.

A demo-based session shows attacks on the weakest link.

Penetration testers and red teamers will find steps that can be used in their assessments, defenders will get ideas on what should be protected.

The session includes:
– Pentesting Azure AD Connect
– Bypassing authentication & MFA
– Getting control over Compute
– Extracting secrets
– Exploring Azure Web App Firewall

source