Hiding in the Clouds: Abusing Azure DevOps Services to Bypass Microsoft Sentinel Analytic Rules
This presentation will give a background on Azure DevOps Services, along with showing how to perform several attacks against the cloud-based platform. These attacks will include reconnaissance, privilege escalation, persistence, and defense evasion. The attacks will be shown to bypass default Microsoft Sentinel analytic rules for Azure DevOps Services. Defensive guidance will be provided on protecting against these attacks and improving the default Microsoft Sentinel analytic rules for Azure DevOps Services. Additionally, X-Force Red's Azure DevOps Services attack toolkit (ADOKit) will be shown to perform and facilitate several of these attacks.

By: Brett Hawkins

Full Abstract and Presentation Materials: