Security Education
OffSec
iNE
Antisyphon
EC-Council
Applied Network Defense
Kaspersky
Sektor7
CompTIA
TCM Security
BlackHat
13Cubed
Dark Vortex
Enciphers
Forty North
Cyber warfare Labs
Maltrak
Scorpio Software
Security Onion
Zero Point Security
SentinelOne
Altered Security
SpecterOps
Pentester Academy
CQURE
PluralSight
StationX
Cybr
موسسههای دیگر
Applications are vital components of an enterprise. Hence application security also becomes an integral part of the enterprise network that helps prevent security vulnerabilities against various threats. Currently, most enterprises are leveraging Cloud services to deploy/host their applications. So, it is equally important to secure those applications. The attack surface for the applications deployed/hosted in the cloud changes drastically and varies between cloud service providers. Azure is a cloud service provider that offers multiple cloud services that are very popular in enterprise environments. In this course, we will explore and learn about various enterprise application services offered by Azure like App Service, Function Apps, Enterprise Applications, API Management, Cosmos DB, SQL Server etc. This hands-on class covers abusing application flaws/misconfiguration, features, and interoperability to compromise an enterprise-like live lab environment. Each student gets a dedicated lab! As a bonus, there is a shared lab to practice with fellow students. The class also covers security controls useful in defending against the discussed attacks.
Syllabus
- Introduction
- Applications (App Services, APIs)
- Authentication & Authorization
- Azure WAF
- App Registrations, Enterprise Apps & Conditional Access Policy
- Function Apps
- Key Vaults
- Storage Accounts
- Databases
- Application Proxy & Azure API Management
- Microsoft Defender for Cloud & Microsoft Defender for Cloud Apps
- Defense
