top of page
Azure Application Security Lab (CAWASP)

Azure Application Security Lab Objectives:

Applications are vital components of an enterprise. Hence application security also becomes an integral part of the enterprise network that helps prevent security vulnerabilities against various threats. Currently, most enterprises are leveraging Cloud services to deploy/host their applications. So, it is equally important to secure those applications. The attack surface for the applications deployed/hosted in the cloud changes drastically and varies between cloud service providers.

Azure Application Security Lab (CAWASP)

Azure is a cloud service provider that offers multiple cloud services that are very popular in enterprise environments. In this course, we will explore and learn about various enterprise application services offered by Azure like App Service, Function Apps, Enterprise Applications, API Management, Cosmos DB, SQL Server etc.

This hands-on class covers abusing application flaws/misconfiguration, features, and interoperability to compromise an enterprise-like live lab environment. Each student gets a dedicated lab! As a bonus, there is a shared lab to practice with fellow students. The class also covers security controls useful in defending against the discussed attacks.

Are you an Application Security professional, Developer, or Cloud Security professional and want to level up your skills in securing and assessing modern applications hosted in Azure ? Then this course has something for everyone to learn and improve by and practicing in the lab environment. The course will focus on methodology and techniques through instructor demos, exercises, and hands-on labs.

The lab includes access to a 17+ hours course content.

What will you Learn?

The Azure Application Security course will enable you to:

  • Improve your skills by exploiting vulnerabilities like RCE, Blind RCE, SSTI, LFI and many more in modern web applications hosted in our live Azure lab.

  • Learn to bypass defenses like Conditional Access by abusing MS Graph API and evading Azure WAF.

  • Understand and abuse App Registrations & Enterprise Apps in a live Azure lab.

Azure Application Security Lab (CAWASP)
  • Execute attacks against modern cloud native database services like Cosmos DB.

  • Learn about various Authentication & Authorization methods, Access Control methods supported by Azure and its services.

  • Practice and execute attacks against services used to develop and deploy applications in Azure.

  • Understand how the applications are deployed by leveraging App Service and Function Apps

  • service offered by Azure and explore supported configuration options. Execute attacks against misconfigured services.

  • Executer attacks against services that store sensitive information or data in the cloud. Understand how to manage access to those services and explore ways to gain access to those data.

  • Learn and explore services like Azure WAF, Conditional Access, MDCA, CASB, MDC that help the enterprise protect against attacks on Identities, Applications, Azure tenants, etc.

bottom of page