attacking and defending

Zero Permissions, Full Impact: Abusing Azure’s Global ARM APIs

24 April 2026  |  10:00 AM ET  |  2+ Hours Duration


Overview

Azure App Service is a platform that allows you to run web apps, APIs, or mobile backends without managing servers. It takes care of the underlying infrastructure and supports multiple runtimes. It also integrates with code repositories to automate build and deployment processes, making application delivery faster and more efficient.

In Azure, all management operations are handled by the Azure Resource Manager (ARM) API, which routes requests for creating, updating or deleting resources. Access through the ARM API is controlled by role-based access control (RBAC), so users, including guests with no default permissions, can act only if an appropriate role is assigned at a specific scope. However, this raises an important question: what happens when certain ARM API endpoints do not behave as expected?

In this webinar, we will explore how some ARM API endpoints, particularly those that operate at a global level, can be abused to bypass traditional RBAC authorization boundaries. We will analyze their behavior, demonstrate how they can be leveraged to retrieve sensitive information from resources in a target tenant, and discuss the potential impact of such techniques. Finally, we will cover practical mitigations to help reduce the associated risks.


Attend Live Webinar

24 April 2026 | 10:00 AM ET | 2+ Hours Duration

Practice Attacks

Explore challenges and labs focused on Azure Security and Red Teaming on the Red Labs Platform

Get Webinar Participation Certificate


Unlock Exclusive Offers

Flat 20% OFF on Cloud Red Team Tactics for Attacking & Defending Azure – Beginner's (CARTP®) & Cloud Red Team Tactics for Attacking & Defending Azure – Advanced (CARTE®).

MEET THE INSTRUCTOR

Prajwal Kumar Pandey


Prajwal is a Security Researcher at Altered Security with experience securing Azure, AWS and SaaS environments. His work spans threat detection, incident response, and cloud red teaming. He has worked across both the offensive and defensive sides of cloud security, from simulating attacks and validating detection rules to incident response. Prajwal has a deep interest in hunting misconfigurations across modern cloud environments, with a particular focus on attack paths that emerge from CI/CD pipelines, identity trust relationships, and cross-tenant access patterns. His goal is to help enterprises understand these risks and build a stronger cloud security posture.
