Hiding in the Clouds - Abusing Azure DevOps Services to Bypass Microsoft Sentinel Analytic Rules
Overview
Explore a comprehensive 38-minute conference talk that delves into the vulnerabilities of Azure DevOps Services and demonstrates how to bypass Microsoft Sentinel analytic rules. Gain insights into performing various attacks against this cloud-based platform, including reconnaissance, privilege escalation, persistence, and defense evasion. Learn about defensive strategies to protect against these attacks and improve default Microsoft Sentinel analytic rules for Azure DevOps Services. Discover X-Force Red's Azure DevOps Services attack toolkit (ADOKit) and its capabilities in facilitating multiple attack scenarios. Presented by Brett Hawkins, this briefing offers valuable knowledge for cybersecurity professionals and Azure DevOps users seeking to enhance their understanding of cloud security vulnerabilities and mitigation techniques.
Syllabus
Hiding in the Clouds: Abusing Azure DevOps Services to Bypass Microsoft Sentinel Analytic Rules
Taught by
Black Hat