November 11, 2020

Useful Azure Links and Tools

In our previous post, we covered AWS cloud security tools and resources.. Now let’s move to the second most popular cloud provider, who we believe may soon be first and may just overtake the global market in not so long - Microsoft Azure.

From our data, we see that more healthcare, medical, and automotive industries are using or moving to Azure from AWS, which still leads in the financial sector.

Dynamic Secrets Retrieval in Azure App Service with Vault - Nice video tutorial to learn about Vault's ability to integrate with Azure Active Directory.

image-e9cbe

 

Escalating to Domain Admin in Microsoft’s Cloud Hosted Active Directory (Azure AD Domain Services) - Privilege Escalation to Domain Admin in Azure AD Domain Services - Great blog post, especially for the Penetration Testers in the audience.

image-je903

 

Detecting Microsoft 365 and Azure Active Directory Backdoors - Another excellent example of security issues in Microsoft SaaS solutions.

image-j1b8f

whalescan - A nice tool that can perform vulnerability scans for Windows containers.

image-wa748

DataDog's Azure logs tool - This is a great tool that can help you in collecting and monitoring your Microsoft Azure platform logs.dd_logo_v_rgbThis tool has a built-in threat detection rules that send notifications whenever malicious activity is identified and is suitable for DevOps who understand the organizational hierarchy of their company's Azure resource directory.

 

 

-----------------------------------

About Lightspin

Lightspin’s context-based cloud security empowers cloud and security teams to eliminate risks and maximize productivity by proactively and automatically detecting all security risks, smartly prioritizing the most critical issues, and easily fixing them. For more information, visit https://www.lightspin.io/