Overview
Explore advanced attack vectors in Azure environments through this 51-minute conference talk from Security BSides San Francisco. Delve into the implications of Microsoft's integration of Azure IaaS services and Office 365 products into a single ecosystem, which centralizes permissions and roles. Gain insights into core Azure concepts and witness demonstrations of various privilege escalation techniques. Learn how attackers can potentially exploit this centralized structure and understand the security challenges posed by the unified Azure ecosystem.
Syllabus
BSidesSF 2023 - Advanced Attack Vectors in Azure Environments (Zur Ulianitzky, Bill Ben Haim)
Taught by
Security BSides San Francisco