Your course
As organizations rapidly adopt Microsoft Azure, the risk of misconfigurations and security gaps grows, making cloud environments a prime target for attackers. Understanding offensive security techniques in Azure is critical for penetration testers, security professionals, and cloud engineers aiming to assess and fortify cloud security.
This intensive 2-day hands-on training is designed to teach real-world attack techniques used against Azure environments. Participants will explore the entire attack chain, from reconnaissance and initial access to lateral movement, token theft, cloud-to-on-prem pivoting, and privilege escalation. The training also includes bypassing conditional access policies, abusing misconfigured identities, and leveraging automation services for persistence.
With 18+ hands-on labs, attendees will step into the attacker’s mindset, executing live exploitation scenarios while gaining expertise in offensive tooling, enumeration methods, and security bypasses. This training, led by seasoned cloud security professionals, provides an in-depth understanding of Azure hacking techniques while covering mitigation strategies to help organizations secure their cloud infrastructure effectively.
Who it’s for
- Cloud administrators and architects
- Penetration testers and red teamers
- CSIRT/SOC analysts and engineers/blue teams
- Developers
- Security/IT managers and team leads
This course is suitable for anyone with a stake or interest in Azure cloud security, from technical practitioners to decision-makers. The syllabus is designed to cover Azure cloud misconfigurations and advanced hacking techniques while equipping participants with the skills to conduct penetration tests on cloud environments and identify security gaps effectively.
Additionally, this course provides a practical, hands-on approach to cloud penetration testing, allowing participants to apply the acquired skills directly in their day-to-day pen-testing activities. By following a structured pen-testing methodology, attendees will gain real-world experience in assessing, exploiting, and understanding Azure security risks.
Delegates must have the following to make the most of the course:
- Basic to intermediate knowledge of cybersecurity (1.5+ years’ experience)
- Experience with common command line syntax of Azure Cloud CLI
Top 3 takeaways
- Execute exploit labs in a kill-chain sequence, escalating privileges by compromising multiple Azure services.
- Learn effective enumeration techniques to identify misconfigurations within the cloud environment.
- Understand Microsoft Entra ID misconfigurations and master techniques to bypass Conditional Access Policies for privilege escalation.
What you’ll learn
This course uses a Defence by Offense methodology based on real-world engagements and offensive research, not theory. Everything taught has been tried and tested in live environments and our labs, ensuring it can be applied immediately after the course. By the end of the course, you’ll know how to:
- Think and behave like an advanced, real-world threat actor.
- Identify and exploit complex misconfigurations in Microsoft Azure.
- Design your penetration tests around real-world attacker behaviours and tooling, making them relevant to the threats facing your organization.
- Identify the attack surface exposure created by cloud-based services such as virtual machines (VMs), buckets, container as a service (CaaS) platforms, and serverless functions.
What you’ll be doing
You’ll be learning hands-on:
- Spending most of the session (~70%) on lab-based exercises
- Using lab-based flows to explore and hack lifelike cloud environments
- Exploiting, defending, and auditing different cloud and container environments
- Competing in a Capture the Flag (CTF) challenge to test your new skills
- Discussing case studies with your course leader to understand the real-world impact of the hacks covered
Why it’s relevant
The cybersecurity skills shortage is felt perhaps nowhere as deeply as in the cloud. With new rulebooks and standards, practitioners often find themselves playing catch-up with the latest developments in technology and in the threat landscape. This course is designed to be a highly informative boot camp to help you advance your skills in the most important and relevant areas of cloud security. Across 2 days, you’ll learn about the high-impact misconfigurations and flaws that could be open in your organization right now and how to fix them.
Our syllabuses are revised regularly to reflect the latest in-the-wild hacks, the newest system releases, and whatever proofs of concept we’ve been developing in our own research. Because they remain so up to date with the threat landscape and security industry standards, many delegates return every 1–2 years to update their skills and get a refresh.