Name: Blue Cloud of Death: Red Teaming Azure
Start: 2018-05-11T11:00:00-0600
End: 2018-05-11T11:45:00-0600

Blue Cloud of Death: Red Teaming Azure

Feedback form is now closed.

On-demand IT services are being publicized as the “new normal”, but often times these services are misunderstood and hence misconfigured by engineers which can frequently enable red teams to gain, expand, and persist access within Azure environments.

In this talk we will dive into how Azure services are commonly breached (e.g. discovering insecure blob storage), and then show how attackers are pivoting between the data & control planes (e.g. mounting hard disks, swapping keys, etc...) to expand access. Finally we will demonstrate some unique techniques for persisting access within Azure environments for prolonged periods of time.

Speakers

Bryce Kunz

S2.Security

Bryce Kunz (@TweekFawkes) is an Information Security Researcher located in Salt Lake City, Utah. Bryce currently leads the security offensive testing of Adobe's Marketing Cloud SaaS infrastructure via researching and developing custom exploits for web applications and other cloud... Read More →

Friday May 11, 2018 11:00am - 11:45am MDT
Track 3: SecureSet Denver 2228 Blake St #100, Denver, CO 80205

Type3

BSidesDEN 2018

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Bryce Kunz