Building Better Cloud Detections…By Hacking? Azure Edition



As with any enterprise environment, we can (and should) focus on hardening our defenses to keep the adversaries out, but these defenses may some day be evaded via a variety of methods. Cloud is no different.

 

We will discuss the process of creating a detection that we can use as defenders to spot an adversary performing attack techniques against our Azure environments.

 

The overall process and takeaways will be:

  • Establish proper logging to detect the adversarial activity Perform the attack to generate the appropriate artifacts
  • Review the log event data
  • Create an automated process to quickly discover this activity
  • Test that the automated process is working effectively by "re-attacking" the Azure account

Speaker and Presenter Information

Ryan Nicholson

Relevant Government Agencies

Other Federal Agencies, Federal Government, State & Local Government

Members who viewed this event also viewed:


Event Type
Webcast


When
Thu, May 11, 2023, 10:00am ET


Cost
Complimentary:    $ 0.00


Website
Click here to visit event website


Organizer
SANS Institute


Contact Event Organizer



Return to search results