Building Better Cloud Detections…By Hacking? Azure Edition

  • Thursday, 11 May 2023 10:00AM EST (11 May 2023 14:00 UTC)
  • Speaker: Ryan Nicholson

As with any enterprise environment, we can (and should) focus on hardening our defenses to keep the adversaries out, but these defenses may some day be evaded via a variety of methods. Cloud is no different.

We will discuss the process of creating a detection that we can use as defenders to spot an adversary performing attack techniques against our Azure environments.

The overall process and takeaways will be:

  • Establish proper logging to detect the adversarial activity Perform the attack to generate the appropriate artifacts
  • Review the log event data
  • Create an automated process to quickly discover this activity
  • Test that the automated process is working effectively by "re-attacking" the Azure account

This webcast supports the 2-hour hands-on workshop “Building Better Detections – Azure Edition”. You can register for one, the other, or both.