YoVDO

Attacking and Defending the Microsoft Cloud - Office 365 & Azure AD

Offered By: Black Hat via YouTube

Tags

Black Hat Courses Cybersecurity Courses DNS Courses Cloud Security Courses Cloud Administration Courses Password Spraying Courses

Course Description

Overview

Dive into a comprehensive exploration of attack vectors and defense strategies for the Microsoft Cloud, focusing on Office 365 and Azure AD, in this 50-minute Black Hat presentation. Learn about common threats such as password spraying, DNS attacks, and breach replay, while discovering effective countermeasures including conditional access, multi-factor authentication, and robust password policies. Gain insights into cloud administration, app permissions, and monitoring techniques to enhance your organization's security posture. Although centered on Microsoft's ecosystem, many concepts apply to other cloud providers as well. Equip yourself with the knowledge to protect your cloud infrastructure and stay ahead of potential threats in this informative session presented by Sean Metcalf and Mark Morowczynski.

Syllabus

Introduction
Overview
DNS
Password Spraying
Cloud Administration
App Permissions
Conditional Access
Breach Replay
Password Hashing
MFA
Monitoring
TFS
Password Policy
Azure AD Ban Password Policy
Azure AD Domain Controllers
Password Spray
How to Block Password Spray
Authorization Rules
Blocking Legacy Authentication
Wrap Up


Taught by

Black Hat

Related Courses

Architecting Microsoft Azure Solutions
Microsoft via edX Internetwork Security
Indian Institute of Technology, Kharagpur via Swayam Network Security
Georgia Institute of Technology via Udacity Microsoft Professional Orientation : Cloud Administration
Microsoft via edX Cyber Threats and Attack Vectors
University of Colorado System via Coursera