Posts on Azure Security by Teri Radichel
This is a compilation of my posts on Azure Security. Although I teach Azure Security classes, I prefer to use AWS most of the time when I’m doing security assessments and penetration testing. I have a lot more posts on AWS Security for that reason. But right now I’m teaching an Azure class so expect a few more Azure posts for a minute. Also, most of the concepts I write about on AWS Security can be translated to Azure Security. Maybe someday I’ll get around to writing about that translation.
Hackers as Cloud Customers
This post explains how attackers used AWS and Azure in the SolarWinds breach.
Solar Winds Breach Retrospective: Part 3
This post explains how Azure features such as MFA and Conditional Access might have prevented the SolarWinds breach that basically took over Azure accounts. It also explains how understanding who can grant application permissions in an Azure account is very important.
SolarWinds Hack: Retrospective
Azure for Auditors
This is a presentation given about Azure to Auditors to explain what to look for on an Azure Audit or security assessment. New tools exist now in Azure that did not exist at the time of this presentation.
Azure Security Assessments
Tanya Janca (SheHacksPurple) and I gave this presentation at Microsoft Build, OWASP AppSec day in Melbourne, Australia, on her podcast, and the presentation went to DefCon but I opted out of that one.
Cloud Security Presentations
Many of my general cloud security presentations are applicable to Azure.
When the Cloud Runs Out of VMs
Related to the issues with Azure support, at one point I could not create a VM. Any VM. I contacted Azure support but I already told you how that went. Hopefully this is resolved now as people all over the world seemed to be having this problem at the time. This is a security problem because if you have an application with a vulnerability and need to deploy a VM and can’t — you have a denial of service issue. I did find a workaround described in this post.
When the cloud runs out of VMs
Prevent Azure Users from Creating New Tenants
In this post I reviewed a new Azure feature that is supposed to disallow users from creating new tenants. I found some interesting behavior when testing it.
Prevent Azure Users from Creating Tenants (Maybe)
Azure Support Diary (or Diatribe)
This is probably too boring to read in full but I documented my experience with Azure support for about an 8-week period. It was frustrating, but I hope by documenting it some of this got fixed. The biggest problems are:
#1. Azure Support sends things in email outside the support portal so they can’t be properly tracked.
#2. Azure support wasn’t looking at screenshots I uploaded.
#3. Azure support constantly replied on tickets after I requested to close them, and I couldn’t close them myself.
#4. Went around in circles for something that didn’t work for weeks before they finally admitted it was a bug. I also found and reported other bugs.
There’s more but those were the most egregious problems. I really hope this helped and some of these things got fixed because I have had these problems since Day 1 using Azure and it’s why I generally don’t pay for support. I end up resolving most of my problems on my own. If you can’t get the support you need when you need it, this could be a security problem. I presume larger companies that spend a lot more than I do get better support. 🙂
Azure Support Diary (or Diatribe)
Most of the posts I’ve written for other cloud environments in terms of attack vectors, architectures, and security controls are applicable in Azure. You would just implement them with Azure-specific constructs.
Teri Radichel
© 2nd Sight Lab 2022
Azure Security was originally published in Cloud Security on Medium, where people are continuing the conversation by highlighting and responding to this story.