Building Better Cloud Detections…By Hacking? Azure Edition
As with any enterprise environment, we can (and should) focus on hardening our defenses to keep the adversaries out, but these defenses may some day be evaded via a variety of methods. Cloud is no different.
We will discuss the process of creating a detection that we can use as defenders to spot an adversary performing attack techniques against our Azure environments.
The overall process and takeaways will be:
- Establish proper logging to detect the adversarial activity Perform the attack to generate the appropriate artifacts
- Review the log event data
- Create an automated process to quickly discover this activity
- Test that the automated process is working effectively by "re-attacking" the Azure account
Speaker and Presenter Information
Ryan Nicholson
Relevant Government Agencies
Other Federal Agencies, Federal Government, State & Local Government
Event Type
Webcast
When
Thu, May 11, 2023, 10:00am
ET
Cost
Complimentary: $ 0.00
Website
Click here to visit event website
Organizer
SANS Institute