Microsoft’s Azure is a complicated system of principals, securable objects, and the various ways access is granted to those objects.
Some privileged actions are tightly controlled by Azure AD roles, while other actions are controlled by roles and object ownership. Many objects in Azure are subject to distinct permissions systems, which can make effective access auditing very difficult.
In this session, Andy will explain how some of those permissions systems can be abused to escalate privileges.
Some privileged actions are tightly controlled by Azure AD roles, while other actions are controlled by roles and object ownership. Many objects in Azure are subject to distinct permissions systems, which can make effective access auditing very difficult.
In this session, Andy will explain how some of those permissions systems can be abused to escalate privileges.
- Category
- Management
Be the first to comment