Azure Application Security:
Beginner's Edition [TBD]
Master application security in Azure. Learn how Azure apps are attacked, and how to secure them with appropriate security controls. Practice attacker techniques in a lab environment simulating a real-world enterprise. Earn the CAWASP (Certified Azure Web Application Security Professional) certification.
Starts: TBD Duration: 4 weeks
Recordings of live sessions included!
What You Will Learn
This 4-week beginner-friendly bootcamp is for application security professionals, developers and cloud security professionals. Improve your understanding of Azure Cloud, Azure AD, Authentication & Authorization process, Enterprise Apps, APIs, OAuth Permissions and more. Learn about Azure services used for deploying and running applications such as AppServices, Function Apps, Key Vaults, Storage Accounts, Databases, etc.
This hands-on class covers abusing application flaws/misconfiguration, features and interoperability to compromise an enterprise-like live lab environment. Each student gets a dedicated lab! As a bonus, there is a shared lab to practice with fellow students. The class also covers security controls useful in defending against the discussed attacks. The Bootcamp will focus on methodology and techniques through instructor demos, exercises, and hands-on labs.
4 Live Sessions
3.5 Hrs Per Session
4 Weeks Access
50 Flags To Be Collected
25 Lab Exercises
1 CAWASP Attempt
Recordings Of Live Sessions
Build Your Cybersecurity Credentials
Become a Certified Azure Web Application Security Professional (CAWASP)
The Certified Azure Web Application Security Professional (CAWASP) certification demonstrates hands-on knowledge of application security in Azure. A CAWASP holder is proficient in assessing security of Azure web application technologies and understands security controls used for defense.
With this certification, you declare your expertise in different facets of Azure WebApp security: Enterprise Apps, App Services, OAuth Permissions, API Security, Storage Accounts, Key Vaults, Databases, WAF, MDCA, MDC & more.
Bootcamp Completion Certificate
Attendees will also get a course completion certificate after completing Learning Objectives covered during the course.
Live Session Schedule
Weekly 3.5 hr sessions start at 10:00am ET and end at 1:30pm ET.
DATE
LIVE SESSIONS
TBD
Introduction to Azure, Azure RBAC & ABAC, Introduction to Application in Azure, Abuse Azure App services
TBD
Authentication & Authorization process, REST APIs and Tokens Understanding WAF and WAF bypass techniques.
TBD
Abuse Enterprise Apps, Attacks using OAuth Permissions and Microsoft Graph API Abuse, Priv Esc, Persistence, Abusing Functions Apps.
TBD
Key Vaults for extracting secrets and Lateral Movement, Attacking Storage accounts and Database Services, API Management and Security. MDC and their bypasses.
Prerequisites
1. A basic understanding of Application security and Azure is desired but not mandatory
2. System with 4 GB RAM and ability to install OpenVPN client and RDP to Windows boxes
3. Privileges to disable/change any antivirus or firewall
Bootcamp Syllabus
The course is split in four modules across four weeks:
Module I:
Introduction to Azure Cloud
Recon, Discovery and Enumeration
Azure RBAC Roles and ABAC
Rest APIs in Azure
Authentication & Authorization
Deep dive into OAuth
Authentication methods supported by Azure
Module II:
Tokens in Azure and their use in attacks
About App Registrations
About Enterprise Apps (Supported credentials, App roles and claims etc.)
Attacking App Registrations and Enterprise Apps
OAuth Permissions and their abuse (Privilege Escalation, Persistence and Lateral Movement)
Consents and Permissions in Azure
Illicit Consent Grant Attack (OAuth Phishing)
Microsoft Graph API and its abuse
Module III:
Abuse Azure services for Extracting secrets, Priv Esc, Persistence and Lateral Movement
About App Services (Deployment, Configuration, SCM etc.)
Attacking App Services by abusing app vulnerabilities and interoperability with other Azure services
About Function Apps (Durable Function Apps, Triggers, Deployment etc.)
Attacking Function Apps (Abusing integration with other Azure services)
Understanding and Attacking Key Vaults (Access Policies, Retention Policies etc.)
Understanding and Attacking Storage Accounts (Management plane to Data plane, SAS tokens, Connection Strings, Shared key, Information gathering from Metadata)
Module IV:
Understanding and abusing Databases Services in Azure (Cosmos DB, SQL Server etc.)
Understanding Application Proxy
Azure API Management and API Security
Defending Applications in Azure (Web Application Firewall, Microsoft Defender for Cloud Apps and Microsoft Defender for Cloud)
Bypassing Defenses
Purchase Options
Bootcamp
30 DAYS LAB ACCESS
+
BOOTCAMP
+
LIFE TIME ACCESS TO COURSE MATERIAL
+
ONE CERTIFICATION EXAM ATTEMPT
$399
Extension
30 DAYS
LAB EXTENSION
+
ONE COMPLEMENTARY EXAM ATTEMPT
$249
Bootcamp
60 DAYS LAB ACCESS
+
BOOTCAMP
+
LIFE TIME ACCESS TO COURSE MATERIAL
+
ONE CERTIFICATION EXAM ATTEMPT
$599
Reattempt
EXAM
REATTEMPT
$99
Bootcamp
90 DAYS LAB ACCESS
+
BOOTCAMP
+
LIFE TIME ACCESS TO COURSE MATERIAL
+
ONE CERTIFICATION EXAM ATTEMPT
$799
Exam Reattempt is only for existing or past students of this course who have already purchased this course in the past.
Nikhil Mittal
MEET THE INSTRUCTOR
Nikhil Mittal is a hacker, infosec researcher, speaker and enthusiast. His area of interest includes red teaming, Azure and active directory security, attack research, defense strategies and post exploitation research. He has 15+ years of experience in red teaming.
He specializes in assessing security risks at secure environments that require novel attack vectors and "out of the box" approach. He has worked extensively on Azure AD, Active Directory attacks, defense and bypassing detection mechanisms.
Nikhil has trained more than 10000 security professionals in private trainings and at the world’s top information security conferences.
He has spoken/trained at conferences like DEF CON, BlackHat, BruCON and more.
He is the founder of Altered Security - a company focusing on hands-on enterprise security learning - https://www.alteredsecurity.com/