In 2021 I did a SANS Tech Tuesday Workshop on Cloud Attacks and Incident Response. In the past year, we've seen attacks against the cloud grow at an alarming rate, notably against Software as a Service (SaaS) platforms and hybrid application-to-cloud privilege escalation attacks.
It's hard to stay current and to keep up with attack trends. In this SANS Workshop, I want to help get you up to speed on attacks against cloud applications including Microsoft 365. This will be a hands-on event with lab time so you can apply these offensive and defensive concepts during the workshop. You'll build useful skills in cloud application attack and incident response that you'll be able to apply when you get back to work.
Prior to the workshop: Download the Cloud Application Attacks workshop lab. Double-click on the OVA file to import the VM with VMware. Boot the VM after import, then login with the username sec504 and the password sec504.
*Please note, we will not be able to troubleshoot or support local VM issues. It is highly encouraged that you download and verify login to the VM before the workshop.
VMware to launch a customized Slingshot Linux distribution (VMware Workstation Pro, VMware Workstation Player, or VMware Fusion for macOS; trial versions of all three are available, and VMware Workstation Player is available for free for non-commercial use.)
30 GB free hard drive space
At least 8 GB RAM