Enterprises across the globe are moving to cloud technology. Gaining the technical understanding and bearing the enormous cost of rewriting infrastructure applications to re-platform them for the new cloud concepts is a difficult task. The irregularities caused by misunderstanding or insufficient knowledge of the new cloud concepts offered by leading cloud service providers such as AWS, Microsoft Azure and GCP have introduced multiple loopholes that threat actors easily identify and exploit to abuse the organization's infrastructure.
Trainees will progress through advanced real-world cyber attacks against major cloud vendors such as AWS, Microsoft Azure and GCP, along with simulation of Tactics, Techniques and Procedures (TTPs) in the lab environment.
The following topics will be covered during the session:
- Attacking - AWS Cloud Environment
  - Enumerating & Designing Attack Surface of AWS Cloud Services
  - Pivoting & Lateral Movement using AWS VPC
  - Post-Exploitation by abusing misconfigured AWS Services
  - Data Exfiltration from S3, RDS, STS & Secrets Manager, etc.
- Attacking - Azure Cloud Environment
  - Enumerating & Designing Attack Surface of Azure Cloud Services
  - Pivoting Azure Control Plane to the Data Plane
  - Stealth Persistence Access of Azure account by Service Principal
  - Privilege Escalation by abusing misconfigured Role Based Access Control
- Attacking - Google Cloud Environment
  - Enumerating & Designing Attack Surface of Google Cloud Services
  - Post-Exploitation by abusing misconfigured Google Cloud Services
  - Privilege Escalation by exploiting misconfigured OAuth & IAM
  - Persistence Access of Google Cloud by Temporary / Permanent Access Token
- Attacking - Hybrid Cloud Environment
  - MITRE ATT&CK for Cloud
  - Enumerate & exploit widely used SaaS Services like O365 & G-Suite
  - Exploit Trusted Relationship for expanding the access
Lab Architecture
The lab architecture is designed to cover all the attacks from both aspects that are demonstrated during the training sessions. We have a large simulated lab environment with approximately 20 to 30 unique challenges that will be available to participants during the class.
Target Audience: The target audience may include the following groups of people:
- Penetration Testers / Red Teams
- Cloud Security Professionals
- Cloud Architects
- SOC analysts
- Threat Hunting Team
- Last but not least, anyone who is interested in strengthening their offensive capabilities in a multi-cloud environment
Pre-Requisites
- Fair Knowledge of Networking and Web Technology
- An Open mind
- No prior Cloud knowledge is required
Trainees should bring
- System with at least 8GB RAM
- Updated Web Browser
Trainees Takeaway
- Soft Copy of the Course Content
- Realistic Multi-Cloud Cyber Range enterprise environment demo
- Great Knowledge about the Offensive Cloud Techniques used by adversaries
- Defence Tactics & Techniques against the discussed offensive techniques
About Trainer
Manish Gupta is Director of CyberWarFare Labs in India, with 6.5+ years of expertise in offensive information security. He specializes in offensive security and red teaming activities in enterprise environments, and is a part-time bug bounty hunter and CTF player. His research interests include real-world cyber attack simulation and Advanced Persistent Threats (APT).
Previously he has spoken at reputed conferences like Blackhat USA 19, DEFCON 19, Nullcon 2020 and BSIDES CT 20, where he showcased his red teaming toolkit “PivotSuite”. He is currently working on developing an open-source offensive security toolkit to help red teamers and penetration testers. He has also delivered Red / Blue Team trainings at Nullcon 21 and multiple corporate trainings.
Yash Bharadwaj works as a technical architect at CyberWarFare Labs. He is highly attentive towards finding, learning and discovering new TTPs used during offensive engagements. His areas of interest include (but are not limited to) building Red / Blue team infrastructure, evading AVs & EDRs, pwning Active Directory infrastructure, stealth enterprise networks and multi-cloud attacks. Previously he has delivered hands-on red team trainings at BSIDES Ahmedabad and OWASP Seasides 20, and Red & Blue Team training at BSIDES Delhi, OWASP APPSEC Indonesia 20, CISO Platform 20 and YASCON 21. He has trained at various international conferences (Nullcon 21, BSIDES Connecticut). You can reach out to him on Twitter @flopyash