Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Attacking and Defending the Microsoft Cloud - Office 365 & Azure AD

Black Hat via YouTube

Overview

Dive into a comprehensive exploration of attack vectors and defense strategies for the Microsoft Cloud, focusing on Office 365 and Azure AD, in this 50-minute Black Hat presentation. Learn about common threats such as password spraying, DNS attacks, and breach replay, while discovering effective countermeasures including conditional access, multi-factor authentication, and robust password policies. Gain insights into cloud administration, app permissions, and monitoring techniques to enhance your organization's security posture. Although centered on Microsoft's ecosystem, many concepts apply to other cloud providers as well. Equip yourself with the knowledge to protect your cloud infrastructure and stay ahead of potential threats in this informative session presented by Sean Metcalf and Mark Morowczynski.

Syllabus

Introduction
Overview
DNS
Password Spraying
Cloud Administration
App Permissions
Conditional Access
Breach Replay
Password Hashing
MFA
Monitoring
TFS
Password Policy
Azure AD Ban Password Policy
Azure AD Domain Controllers
Password Spray
How to Block Password Spray
Authorization Rules
Blocking Legacy Authentication
Wrap Up

Taught by

Black Hat

Reviews

Start your review of Attacking and Defending the Microsoft Cloud - Office 365 & Azure AD

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.