Forensic

Cloud Forensics in Azure Junior - 3 days

Description

Microsoft Azure is widely deployed across many companies. Cloud services such as M365 email, virtual machines, or managed databases are typical attack targets. As the keystone of these infrastructures' security, the management of permissions and authentication plays an especially important role. Most scenarios encountered during an incident involve methods far removed from those seen on on-premises systems.

Facing these threats, digital forensics must also evolve. The analysis of distributed logs, correlation of events via APIs, and a detailed understanding of the Azure ecosystem are indispensable. This course has been designed to bring you the essential technical know-how and investigation methodology to analyze and respond to security incidents in the cloud.

  • 3 days (21 hours)

  • Microsoft Azure concepts, products and caveats

  • Review of the most popular attacks and investigation procedures

Audience and prerequisites

This training is suitable for people who have already handled security incidents and are concerned about cloud incidents. Technical skills are required in order to understand cloud attacks and to work from a CLI console (a Linux shell).

Previous understanding and usage of PowerShell is a plus.

Content

Day 1

Understanding cloud forensics. Key differences from traditional forensics. Setting up an investigation environment. Essential tools and scripts. What is Azure? Azure and M365 explained. Where to enable and find logs. The license hell. Entra ID. Sign-ins and roles. Tenant configuration. Cloud applications. Understanding Conditional Access bypass. MS Graph API.

Day 2

M365. BEC scenario. Exchange Online. Hunting for backdoored accounts. Azure subscriptions. Logs for resources. Virtual machines, Azure Storage and managed services. Tenant parameters. Mapping the logs.

Day 3

Diving into KQL. Centralization strategy. Querying and exploring. Exploring Log Analytics. Checklist of investigation tools. Hands-on labs throughout the 3 days.