Azure Security
Azure Security ~ Posts by Teri Radichel
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
⚙️ Part of my series on Automating Cybersecurity Metrics. The Code.
🔒 Related Stories: Azure Security | Multicloud Security | Data Breaches
💻 Free Content on Jobs in Cybersecurity | ✉️ Sign up for the Email List
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
This is a compilation of my posts on Azure Security. Although I teach Azure Security classes, I prefer to use AWS most of the time when I’m doing security assessments and penetration testing. I have a lot more posts on AWS Security for that reason. But right now I’m teaching an Azure class so expect a few more Azure posts for a minute. Also, most of the concepts I write about on AWS Security can be translated to Azure Security. Maybe someday I’ll get around to writing about that translation.
Hackers as Cloud Customers
This post explains how attackers used AWS and Azure in the Solar Winds breach.
Solar Winds Breach Retrospective: Part 3
This post explains how Azure features such as MFA and Conditional Access might have prevented the Solar Winds Breach that basically took over Azure accounts. It also explains how understand who can grant application permissions in an Azure account is very important.
Risks of using a third-party IDP with Azure
Azure for Auditors
This is a presentation given about Azure to Auditors to explain what to look for on an Azure Audit or security assessment. New tools exist now in Azure that did not exist at the time of this presentation.
What is Cloud
To understand what cloud is, we can take a look at the evolution of technology that lead to “cloud.”
Azure Security Assessments
Tanja Janca (SheHacksPurple) and I gave this presentation at Microsoft Build, OWASP AppSec day in Melbourne, Australia, on her podcast, and the presentation went to DefCon but I opted out of that one.
Cloud Security Presentations
Many of my general cloud security presentations are applicable to Azure.
Azure Confidential VMs
In this post I took a look at Azure Confidential VMs to solve the problem of protecting data in memory and in use.
Homomorphic Encryption with Microsoft SEAL
True encryption in use — with limited applications and some caveats.
Private Networks on Azure
An Azure network is not private by default even when a VM only has a private IP address.
When the Cloud Runs Out of VMs
Related to the issues with Azure support, at one point I could not create a VM. Any VM. I contacted Azure support but I already told you how that went. Hopefully this is resolved now as people all over the world seemed to be having this problem at the time. This is a security problem because if you have an application with a vulnerability and need to deploy a VM and can’t — you have a denial of service issue. I did find a workaround described in this post.
Prevent Azure Uses from Creating New Tenants
In this post I reviewed a new Azure feature that is supposed to disallow users from creating new tenants. I found some interesting behavior when testing it.
Biggest Data Breaches in 2022
Microsoft and Azure are mentioned by various sources in the list of biggest breaches in 2022.
Runnig the Azure CLI On an AWS EC2 Ubuntu Linux Instance
Azure Support Diary (or Diatribe)
This is probably too boring to read in full but I documented my experience with Azure support for about an 8 week period. It was frustrating, but I hope by documenting it some of this got fixed. The biggest problems are:
#1. Azure Support sends things in email outside the support portal so they can’t be properly tracked.
#2. Azure support wasn’t looking at screenshots I uploaded.
#3. Constantly replies on tickets after I request to close them and couldn’t close them myself.
#4. Went around in circles for something that didn’t work for weeks before they finally admitted it was a bug. I also found and reported other bugs.
There’s more but those were the most egregious problems. I really hope this helped and some of these things got fixed because I have had these problems since Day 1 using Azure and it’s why I generally don’t pay for support. I end up resolving most of my problems on my own. If you can’t get the support you need when you need it, this could be a security problem. I presume larger companies that spend a lot more than I do get better support. :-)
Most of the posts I’ve written for other cloud environments in terms of attack vectors, architectures, and security controls are applicable in Azure. You would just implement them with Azure-specific constructs.
Follow for updates.
Teri Radichel | © 2nd Sight Lab 2022
About Teri Radichel:
~~~~~~~~~~~~~~~~~~~~
⭐️ Author: Cybersecurity Books
⭐️ Presentations: Presentations by Teri Radichel
⭐️ Recognition: SANS Award, AWS Security Hero, IANS Faculty
⭐️ Certifications: SANS ~ GSE 240
⭐️ Education: BA Business, Master of Software Engineering, Master of Infosec
⭐️ Company: Penetration Tests, Assessments, Phone Consulting ~ 2nd Sight LabNeed Help With Cybersecurity, Cloud, or Application Security?
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
🔒 Request a penetration test or security assessment
🔒 Schedule a consulting call
🔒 Cybersecurity Speaker for PresentationFollow for more stories like this:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
❤️ Sign Up my Medium Email List
❤️ Twitter: @teriradichel
❤️ LinkedIn: https://www.linkedin.com/in/teriradichel
❤️ Mastodon: @teriradichel@infosec.exchange
❤️ Facebook: 2nd Sight Lab
❤️ YouTube: @2ndsightlab
