SlideShare a Scribd company logo

20 common security vulnerabilities and misconfiguration in Azure

Cheah Eng Soon
Cheah Eng Soon

20 common security vulnerabilities and misconfiguration in Azure

Technology
1 of 26
Download to read offline
20 common security vulnerabilities and misconfiguration in Azure By Eng Soon Cheah Microsoft MVP @CheahEngSoon
Who am I ? • Microsoft MVP – Microsoft Azure • Senior IT Developer in Big 4 • Microsoft Certified in Azure Security Engineer Associate
Microsoft Azure TOP 20 vulnerabilities 1. A storage account accessible from the Internet 2. Storage accounts that allow insecure transfers 3. Lack of multi-factor authentication for privileged users 4. Lack of multi-factor authentication for joining devices 5. The free basic version of Azure Security Center lacks many necessary security features 6. Azure virtual network with basic DDoS protection 7. Unencrypted operating system and data disks 8. Missing email notifications in the Security Center 9. Missing log alerts in Azure Monitor 10. Azure NSG inbound rule is configured as ANY
Continue… 11. Configure the public IP address as Basic SKU 12. Use dynamic IP addresses for public-facing services 13. Blob storage with anonymous read access 14. The number of guest users in Azure AD is too large 15. Insecure guest user settings in Azure AD 16. Unlimited access to Azure AD management portal 17. Azure Identity Protection feature is disabled by default 18. Azure Network Watcher is disabled by default 19. HTTPS is not mandatory for all web application traffic 20. Monitoring strategy in Azure Security Center
1. Storage account accessible from the Internet
2. Insecure transfer of storage accounts
3. Lack of multi-factor authentication for privileged users
4. Lack of multi-factor authentication for newly added devices
5. Free version of Azure Security Center
6. Basic DDoS protection for virtual networks
7. Unencrypted operating system and data disk
8. Missing email notifications in Security Center
9. Log alerts are missing in Azure Monitor
10. Azure NSG inbound rule is configured as ANY
11. The public IP address is configured as Basic SKU
12. Dynamic IP address for public-facing services
13. Blob storage with anonymous read access
14. High number of guest users in Azure AD
15. Insecure guest user settings in Azure AD
16. Unrestricted access to Azure AD management portal
17. Azure Identity Protection feature is disabled
18. Azure Network Watcher is disabled
19. HTTPS is not enforced for all web application traffic
20. Monitoring strategy in Azure Security Center
References • My YouTube Channel https://www.youtube.com/c/mvponduty • Images Credit: aqniu-wx

Recommended

Breaking The Cloud Kill Chain
Breaking The Cloud Kill ChainBreaking The Cloud Kill Chain
Breaking The Cloud Kill ChainPuma Security, LLC
 
OWASP API Security Top 10 - API World
OWASP API Security Top 10 - API WorldOWASP API Security Top 10 - API World
OWASP API Security Top 10 - API World42Crunch
 
Security Best Practices
Security Best PracticesSecurity Best Practices
Security Best PracticesAmazon Web Services
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero TrustDavid J Rosenthal
 
Azure Penetration Testing
Azure Penetration TestingAzure Penetration Testing
Azure Penetration TestingCheah Eng Soon
 
Azure Penetration Testing
Azure Penetration TestingAzure Penetration Testing
Azure Penetration TestingCheah Eng Soon
 
Cloud security
Cloud security Cloud security
Cloud security n|u - The Open Security Community
 
Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032PECB
 

Recommended

Breaking The Cloud Kill Chain
Breaking The Cloud Kill ChainBreaking The Cloud Kill Chain
Breaking The Cloud Kill ChainPuma Security, LLC
 
OWASP API Security Top 10 - API World
OWASP API Security Top 10 - API WorldOWASP API Security Top 10 - API World
OWASP API Security Top 10 - API World42Crunch
 
Security Best Practices
Security Best PracticesSecurity Best Practices
Security Best PracticesAmazon Web Services
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero TrustDavid J Rosenthal
 
Azure Penetration Testing
Azure Penetration TestingAzure Penetration Testing
Azure Penetration TestingCheah Eng Soon
 
Azure Penetration Testing
Azure Penetration TestingAzure Penetration Testing
Azure Penetration TestingCheah Eng Soon
 
Cloud security
Cloud security Cloud security
Cloud security n|u - The Open Security Community
 
Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032Improve Cybersecurity posture by using ISO/IEC 27032
Improve Cybersecurity posture by using ISO/IEC 27032PECB
 
Cloud Computing Forensic Science
Cloud Computing Forensic Science Cloud Computing Forensic Science
Cloud Computing Forensic Science David Sweigert
 
Application Security - Your Success Depends on it
Application Security - Your Success Depends on itApplication Security - Your Success Depends on it
Application Security - Your Success Depends on itWSO2
 
SC-900 Capabilities of Microsoft Identity and Access Management Solutions
SC-900 Capabilities of Microsoft Identity and Access Management SolutionsSC-900 Capabilities of Microsoft Identity and Access Management Solutions
SC-900 Capabilities of Microsoft Identity and Access Management SolutionsFredBrandonAuthorMCP
 
MITRE ATT&CK framework
MITRE ATT&CK frameworkMITRE ATT&CK framework
MITRE ATT&CK frameworkBhushan Gurav
 
Multifactor Authentication
Multifactor AuthenticationMultifactor Authentication
Multifactor AuthenticationRonnie Isherwood
 
Overview of secret management solutions and architecture
Overview of secret management solutions and architectureOverview of secret management solutions and architecture
Overview of secret management solutions and architectureYuechuan (Mike) Chen
 
Bypass_AV-EDR.pdf
Bypass_AV-EDR.pdfBypass_AV-EDR.pdf
Bypass_AV-EDR.pdfFarouk2nd
 
Insecure direct object reference (null delhi meet)
Insecure direct object reference (null delhi meet)Insecure direct object reference (null delhi meet)
Insecure direct object reference (null delhi meet)Abhinav Mishra
 
Bug bounty
Bug bountyBug bounty
Bug bountyn|u - The Open Security Community
 
IDOR Know-How.pdf
IDOR Know-How.pdfIDOR Know-How.pdf
IDOR Know-How.pdfBhashit Pandya
 
Detection Rules Coverage
Detection Rules CoverageDetection Rules Coverage
Detection Rules CoverageSunny Neo
 
Bug Bounty 101
Bug Bounty 101Bug Bounty 101
Bug Bounty 101Shahee Mirza
 
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault Outlyer
 
Subdomain Enumeration
Subdomain EnumerationSubdomain Enumeration
Subdomain EnumerationAkshayPandurangi
 
DerbyCon 8 - Attacking Azure Environments with PowerShell
DerbyCon 8 - Attacking Azure Environments with PowerShellDerbyCon 8 - Attacking Azure Environments with PowerShell
DerbyCon 8 - Attacking Azure Environments with PowerShellKarl Fosaaen
 
Azure Security Center- Zero to Hero
Azure Security Center- Zero to HeroAzure Security Center- Zero to Hero
Azure Security Center- Zero to HeroKasun Rajapakse
 
Introduction to WAF and Network Application Security
Introduction to WAF and Network Application SecurityIntroduction to WAF and Network Application Security
Introduction to WAF and Network Application SecurityAlibaba Cloud
 
Threat Hunting Web Shells Using Splunk
Threat Hunting Web Shells Using SplunkThreat Hunting Web Shells Using Splunk
Threat Hunting Web Shells Using Splunkjamesmbower
 
Security Vulnerabilities
Security VulnerabilitiesSecurity Vulnerabilities
Security VulnerabilitiesMarius Vorster
 
0wn-premises: Bypassing Microsoft Defender for Identity
0wn-premises: Bypassing Microsoft Defender for Identity0wn-premises: Bypassing Microsoft Defender for Identity
0wn-premises: Bypassing Microsoft Defender for IdentityNikhil Mittal
 
Securing APIs for ultimate security and privacy with Azure | Codit Webinar
Securing APIs for ultimate security and privacy with Azure | Codit WebinarSecuring APIs for ultimate security and privacy with Azure | Codit Webinar
Securing APIs for ultimate security and privacy with Azure | Codit WebinarCodit
 
Az 104 session 8 azure monitoring
Az 104 session 8 azure monitoringAz 104 session 8 azure monitoring
Az 104 session 8 azure monitoringAzureEzy1
 

More Related Content

What's hot

Cloud Computing Forensic Science
Cloud Computing Forensic Science Cloud Computing Forensic Science
Cloud Computing Forensic Science David Sweigert
 
Application Security - Your Success Depends on it
Application Security - Your Success Depends on itApplication Security - Your Success Depends on it
Application Security - Your Success Depends on itWSO2
 
SC-900 Capabilities of Microsoft Identity and Access Management Solutions
SC-900 Capabilities of Microsoft Identity and Access Management SolutionsSC-900 Capabilities of Microsoft Identity and Access Management Solutions
SC-900 Capabilities of Microsoft Identity and Access Management SolutionsFredBrandonAuthorMCP
 
MITRE ATT&CK framework
MITRE ATT&CK frameworkMITRE ATT&CK framework
MITRE ATT&CK frameworkBhushan Gurav
 
Multifactor Authentication
Multifactor AuthenticationMultifactor Authentication
Multifactor AuthenticationRonnie Isherwood
 
Overview of secret management solutions and architecture
Overview of secret management solutions and architectureOverview of secret management solutions and architecture
Overview of secret management solutions and architectureYuechuan (Mike) Chen
 
Bypass_AV-EDR.pdf
Bypass_AV-EDR.pdfBypass_AV-EDR.pdf
Bypass_AV-EDR.pdfFarouk2nd
 
Insecure direct object reference (null delhi meet)
Insecure direct object reference (null delhi meet)Insecure direct object reference (null delhi meet)
Insecure direct object reference (null delhi meet)Abhinav Mishra
 
Detection Rules Coverage
Detection Rules CoverageDetection Rules Coverage
Detection Rules CoverageSunny Neo
 
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault Outlyer
 
DerbyCon 8 - Attacking Azure Environments with PowerShell
DerbyCon 8 - Attacking Azure Environments with PowerShellDerbyCon 8 - Attacking Azure Environments with PowerShell
DerbyCon 8 - Attacking Azure Environments with PowerShellKarl Fosaaen
 
Azure Security Center- Zero to Hero
Azure Security Center- Zero to HeroAzure Security Center- Zero to Hero
Azure Security Center- Zero to HeroKasun Rajapakse
 
Introduction to WAF and Network Application Security
Introduction to WAF and Network Application SecurityIntroduction to WAF and Network Application Security
Introduction to WAF and Network Application SecurityAlibaba Cloud
 
Threat Hunting Web Shells Using Splunk
Threat Hunting Web Shells Using SplunkThreat Hunting Web Shells Using Splunk
Threat Hunting Web Shells Using Splunkjamesmbower
 
Security Vulnerabilities
Security VulnerabilitiesSecurity Vulnerabilities
Security VulnerabilitiesMarius Vorster
 
0wn-premises: Bypassing Microsoft Defender for Identity
0wn-premises: Bypassing Microsoft Defender for Identity0wn-premises: Bypassing Microsoft Defender for Identity
0wn-premises: Bypassing Microsoft Defender for IdentityNikhil Mittal
 

What's hot (20)

Cloud Computing Forensic Science
Cloud Computing Forensic Science Cloud Computing Forensic Science
Cloud Computing Forensic Science
 
Application Security - Your Success Depends on it
Application Security - Your Success Depends on itApplication Security - Your Success Depends on it
Application Security - Your Success Depends on it
 
SC-900 Capabilities of Microsoft Identity and Access Management Solutions
SC-900 Capabilities of Microsoft Identity and Access Management SolutionsSC-900 Capabilities of Microsoft Identity and Access Management Solutions
SC-900 Capabilities of Microsoft Identity and Access Management Solutions
 
MITRE ATT&CK framework
MITRE ATT&CK frameworkMITRE ATT&CK framework
MITRE ATT&CK framework
 
Multifactor Authentication
Multifactor AuthenticationMultifactor Authentication
Multifactor Authentication
 
Overview of secret management solutions and architecture
Overview of secret management solutions and architectureOverview of secret management solutions and architecture
Overview of secret management solutions and architecture
 
Bypass_AV-EDR.pdf
Bypass_AV-EDR.pdfBypass_AV-EDR.pdf
Bypass_AV-EDR.pdf
 
Insecure direct object reference (null delhi meet)
Insecure direct object reference (null delhi meet)Insecure direct object reference (null delhi meet)
Insecure direct object reference (null delhi meet)
 
Bug bounty
Bug bountyBug bounty
Bug bounty
 
IDOR Know-How.pdf
IDOR Know-How.pdfIDOR Know-How.pdf
IDOR Know-How.pdf
 
Detection Rules Coverage
Detection Rules CoverageDetection Rules Coverage
Detection Rules Coverage
 
Bug Bounty 101
Bug Bounty 101Bug Bounty 101
Bug Bounty 101
 
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault
Neil Saunders (Beamly) - Securing your AWS Infrastructure with Hashicorp Vault
 
Subdomain Enumeration
Subdomain EnumerationSubdomain Enumeration
Subdomain Enumeration
 
DerbyCon 8 - Attacking Azure Environments with PowerShell
DerbyCon 8 - Attacking Azure Environments with PowerShellDerbyCon 8 - Attacking Azure Environments with PowerShell
DerbyCon 8 - Attacking Azure Environments with PowerShell
 
Azure Security Center- Zero to Hero
Azure Security Center- Zero to HeroAzure Security Center- Zero to Hero
Azure Security Center- Zero to Hero
 
Introduction to WAF and Network Application Security
Introduction to WAF and Network Application SecurityIntroduction to WAF and Network Application Security
Introduction to WAF and Network Application Security
 
Threat Hunting Web Shells Using Splunk
Threat Hunting Web Shells Using SplunkThreat Hunting Web Shells Using Splunk
Threat Hunting Web Shells Using Splunk
 
Security Vulnerabilities
Security VulnerabilitiesSecurity Vulnerabilities
Security Vulnerabilities
 
0wn-premises: Bypassing Microsoft Defender for Identity
0wn-premises: Bypassing Microsoft Defender for Identity0wn-premises: Bypassing Microsoft Defender for Identity
0wn-premises: Bypassing Microsoft Defender for Identity
 

Similar to 20 common security vulnerabilities and misconfiguration in Azure

Securing APIs for ultimate security and privacy with Azure | Codit Webinar
Securing APIs for ultimate security and privacy with Azure | Codit WebinarSecuring APIs for ultimate security and privacy with Azure | Codit Webinar
Securing APIs for ultimate security and privacy with Azure | Codit WebinarCodit
 
Az 104 session 8 azure monitoring
Az 104 session 8 azure monitoringAz 104 session 8 azure monitoring
Az 104 session 8 azure monitoringAzureEzy1
 
Secure your Azure Web App 2019
Secure your Azure Web App 2019Secure your Azure Web App 2019
Secure your Azure Web App 2019Frans Lytzen
 
Secure your web app presentation
Secure your web app presentationSecure your web app presentation
Secure your web app presentationFrans Lytzen
 
DevSum - Top Azure security fails and how to avoid them
DevSum - Top Azure security fails and how to avoid themDevSum - Top Azure security fails and how to avoid them
DevSum - Top Azure security fails and how to avoid themKarl Ots
 
Techorama Belgium 2019: top Azure security fails and how to avoid them
Techorama Belgium 2019: top Azure security fails and how to avoid themTechorama Belgium 2019: top Azure security fails and how to avoid them
Techorama Belgium 2019: top Azure security fails and how to avoid themKarl Ots
 
IT Camp 19: Top Azure security fails and how to avoid them
IT Camp 19: Top Azure security fails and how to avoid themIT Camp 19: Top Azure security fails and how to avoid them
IT Camp 19: Top Azure security fails and how to avoid themKarl Ots
 
Security on Windows Azure
Security on Windows AzureSecurity on Windows Azure
Security on Windows AzureHaddy El-Haggan
 
AZ-204 : Implement Azure security
AZ-204 : Implement Azure securityAZ-204 : Implement Azure security
AZ-204 : Implement Azure securityAzureEzy1
 
Windows Azure Security & Compliance
Windows Azure Security & ComplianceWindows Azure Security & Compliance
Windows Azure Security & ComplianceNuno Godinho
 
Securing Sensitive Data with Azure Key Vault (Tom Kerkhove @ ITProceed)
Securing Sensitive Data with Azure Key Vault (Tom Kerkhove @ ITProceed)Securing Sensitive Data with Azure Key Vault (Tom Kerkhove @ ITProceed)
Securing Sensitive Data with Azure Key Vault (Tom Kerkhove @ ITProceed)Codit
 
ITProceed 2015 - Securing Sensitive Data with Azure Key Vault
ITProceed 2015 - Securing Sensitive Data with Azure Key VaultITProceed 2015 - Securing Sensitive Data with Azure Key Vault
ITProceed 2015 - Securing Sensitive Data with Azure Key VaultTom Kerkhove
 
FAUG #9: Azure security architecture and stories from the trenches
FAUG #9: Azure security architecture and stories from the trenchesFAUG #9: Azure security architecture and stories from the trenches
FAUG #9: Azure security architecture and stories from the trenchesKarl Ots
 
Tour to Azure Security Center
Tour to Azure Security CenterTour to Azure Security Center
Tour to Azure Security CenterLalit Rawat
 
2019-06-04 aOS Strasbourg - Technique 3 - MS Threat Protection - Seyfallah Ta...
2019-06-04 aOS Strasbourg - Technique 3 - MS Threat Protection - Seyfallah Ta...2019-06-04 aOS Strasbourg - Technique 3 - MS Threat Protection - Seyfallah Ta...
2019-06-04 aOS Strasbourg - Technique 3 - MS Threat Protection - Seyfallah Ta...aOS Community
 
2015.04.23 Azure Mobile Services
2015.04.23 Azure Mobile Services2015.04.23 Azure Mobile Services
2015.04.23 Azure Mobile ServicesMarco Parenzan
 
Covert Attack Mystery Box: A few novel techniques for exploiting Microsoft “f...
Covert Attack Mystery Box: A few novel techniques for exploiting Microsoft “f...Covert Attack Mystery Box: A few novel techniques for exploiting Microsoft “f...
Covert Attack Mystery Box: A few novel techniques for exploiting Microsoft “f...Beau Bullock
 
AZ-204: Monitor, Troubleshoot & Optimize Azure Solutions
AZ-204: Monitor, Troubleshoot & Optimize Azure SolutionsAZ-204: Monitor, Troubleshoot & Optimize Azure Solutions
AZ-204: Monitor, Troubleshoot & Optimize Azure SolutionsAzureEzy1
 

Similar to 20 common security vulnerabilities and misconfiguration in Azure (20)

Securing APIs for ultimate security and privacy with Azure | Codit Webinar
Securing APIs for ultimate security and privacy with Azure | Codit WebinarSecuring APIs for ultimate security and privacy with Azure | Codit Webinar
Securing APIs for ultimate security and privacy with Azure | Codit Webinar
 
Az 104 session 8 azure monitoring
Az 104 session 8 azure monitoringAz 104 session 8 azure monitoring
Az 104 session 8 azure monitoring
 
Secure your Azure Web App 2019
Secure your Azure Web App 2019Secure your Azure Web App 2019
Secure your Azure Web App 2019
 
Secure your web app presentation
Secure your web app presentationSecure your web app presentation
Secure your web app presentation
 
DevSum - Top Azure security fails and how to avoid them
DevSum - Top Azure security fails and how to avoid themDevSum - Top Azure security fails and how to avoid them
DevSum - Top Azure security fails and how to avoid them
 
Techorama Belgium 2019: top Azure security fails and how to avoid them
Techorama Belgium 2019: top Azure security fails and how to avoid themTechorama Belgium 2019: top Azure security fails and how to avoid them
Techorama Belgium 2019: top Azure security fails and how to avoid them
 
IT Camp 19: Top Azure security fails and how to avoid them
IT Camp 19: Top Azure security fails and how to avoid themIT Camp 19: Top Azure security fails and how to avoid them
IT Camp 19: Top Azure security fails and how to avoid them
 
Azure sentinel
Azure sentinelAzure sentinel
Azure sentinel
 
Security on Windows Azure
Security on Windows AzureSecurity on Windows Azure
Security on Windows Azure
 
AZ-204 : Implement Azure security
AZ-204 : Implement Azure securityAZ-204 : Implement Azure security
AZ-204 : Implement Azure security
 
Windows Azure Security & Compliance
Windows Azure Security & ComplianceWindows Azure Security & Compliance
Windows Azure Security & Compliance
 
Securing Sensitive Data with Azure Key Vault (Tom Kerkhove @ ITProceed)
Securing Sensitive Data with Azure Key Vault (Tom Kerkhove @ ITProceed)Securing Sensitive Data with Azure Key Vault (Tom Kerkhove @ ITProceed)
Securing Sensitive Data with Azure Key Vault (Tom Kerkhove @ ITProceed)
 
ITProceed 2015 - Securing Sensitive Data with Azure Key Vault
ITProceed 2015 - Securing Sensitive Data with Azure Key VaultITProceed 2015 - Securing Sensitive Data with Azure Key Vault
ITProceed 2015 - Securing Sensitive Data with Azure Key Vault
 
Azure Web Apps Advanced Security
Azure Web Apps Advanced SecurityAzure Web Apps Advanced Security
Azure Web Apps Advanced Security
 
FAUG #9: Azure security architecture and stories from the trenches
FAUG #9: Azure security architecture and stories from the trenchesFAUG #9: Azure security architecture and stories from the trenches
FAUG #9: Azure security architecture and stories from the trenches
 
Tour to Azure Security Center
Tour to Azure Security CenterTour to Azure Security Center
Tour to Azure Security Center
 
2019-06-04 aOS Strasbourg - Technique 3 - MS Threat Protection - Seyfallah Ta...
2019-06-04 aOS Strasbourg - Technique 3 - MS Threat Protection - Seyfallah Ta...2019-06-04 aOS Strasbourg - Technique 3 - MS Threat Protection - Seyfallah Ta...
2019-06-04 aOS Strasbourg - Technique 3 - MS Threat Protection - Seyfallah Ta...
 
2015.04.23 Azure Mobile Services
2015.04.23 Azure Mobile Services2015.04.23 Azure Mobile Services
2015.04.23 Azure Mobile Services
 
Covert Attack Mystery Box: A few novel techniques for exploiting Microsoft “f...
Covert Attack Mystery Box: A few novel techniques for exploiting Microsoft “f...Covert Attack Mystery Box: A few novel techniques for exploiting Microsoft “f...
Covert Attack Mystery Box: A few novel techniques for exploiting Microsoft “f...
 
AZ-204: Monitor, Troubleshoot & Optimize Azure Solutions
AZ-204: Monitor, Troubleshoot & Optimize Azure SolutionsAZ-204: Monitor, Troubleshoot & Optimize Azure Solutions
AZ-204: Monitor, Troubleshoot & Optimize Azure Solutions
 

More from Cheah Eng Soon

Microsoft Defender for Endpoint
Microsoft Defender for EndpointMicrosoft Defender for Endpoint
Microsoft Defender for EndpointCheah Eng Soon
 
Azure Active Directory - Secure and Govern
Azure Active Directory - Secure and GovernAzure Active Directory - Secure and Govern
Azure Active Directory - Secure and GovernCheah Eng Soon
 
MEM for OnPrem Environments
MEM for OnPrem EnvironmentsMEM for OnPrem Environments
MEM for OnPrem EnvironmentsCheah Eng Soon
 
Microsoft Threat Protection Automated Incident Response
Microsoft Threat Protection Automated Incident Response Microsoft Threat Protection Automated Incident Response
Microsoft Threat Protection Automated Incident Response Cheah Eng Soon
 
Penetration Testing Azure for Ethical Hackers
Penetration Testing Azure for Ethical HackersPenetration Testing Azure for Ethical Hackers
Penetration Testing Azure for Ethical HackersCheah Eng Soon
 
Microsoft Threat Protection Automated Incident Response Demo
Microsoft Threat Protection Automated Incident Response DemoMicrosoft Threat Protection Automated Incident Response Demo
Microsoft Threat Protection Automated Incident Response DemoCheah Eng Soon
 
Microsoft Secure Score Demo
Microsoft Secure Score DemoMicrosoft Secure Score Demo
Microsoft Secure Score DemoCheah Eng Soon
 
Microsoft Cloud App Security Demo
Microsoft Cloud App Security DemoMicrosoft Cloud App Security Demo
Microsoft Cloud App Security DemoCheah Eng Soon
 
M365 Attack Simulation Demo
M365 Attack Simulation DemoM365 Attack Simulation Demo
M365 Attack Simulation DemoCheah Eng Soon
 
Azure Active Directory - External Identities Demo
Azure Active Directory - External Identities Demo Azure Active Directory - External Identities Demo
Azure Active Directory - External Identities Demo Cheah Eng Soon
 
Azure Weekend 2020 Build Malaysia Bus Uncle Chatbot
Azure Weekend 2020 Build Malaysia Bus Uncle ChatbotAzure Weekend 2020 Build Malaysia Bus Uncle Chatbot
Azure Weekend 2020 Build Malaysia Bus Uncle ChatbotCheah Eng Soon
 
Microsoft Azure的20大常见安全漏洞与配置错误
Microsoft Azure的20大常见安全漏洞与配置错误Microsoft Azure的20大常见安全漏洞与配置错误
Microsoft Azure的20大常见安全漏洞与配置错误Cheah Eng Soon
 
Integrate Microsoft Graph with Azure Bot Services
Integrate Microsoft Graph with Azure Bot ServicesIntegrate Microsoft Graph with Azure Bot Services
Integrate Microsoft Graph with Azure Bot ServicesCheah Eng Soon
 
Azure Sentinel with Office 365
Azure Sentinel with Office 365Azure Sentinel with Office 365
Azure Sentinel with Office 365Cheah Eng Soon
 
3 Steps Integrate Microsoft Graph with Azure Bot Services
3 Steps Integrate Microsoft Graph with Azure Bot Services3 Steps Integrate Microsoft Graph with Azure Bot Services
3 Steps Integrate Microsoft Graph with Azure Bot ServicesCheah Eng Soon
 
Data Science - The Most Profitable Movie Characteristic
Data Science - The Most Profitable Movie CharacteristicData Science - The Most Profitable Movie Characteristic
Data Science - The Most Profitable Movie CharacteristicCheah Eng Soon
 
Modernize your Security Operations with Azure Sentinel
Modernize your Security Operations with Azure SentinelModernize your Security Operations with Azure Sentinel
Modernize your Security Operations with Azure SentinelCheah Eng Soon
 

More from Cheah Eng Soon (20)

Microsoft Defender for Endpoint
Microsoft Defender for EndpointMicrosoft Defender for Endpoint
Microsoft Defender for Endpoint
 
Azure Active Directory - Secure and Govern
Azure Active Directory - Secure and GovernAzure Active Directory - Secure and Govern
Azure Active Directory - Secure and Govern
 
Microsoft Zero Trust
Microsoft Zero TrustMicrosoft Zero Trust
Microsoft Zero Trust
 
MEM for OnPrem Environments
MEM for OnPrem EnvironmentsMEM for OnPrem Environments
MEM for OnPrem Environments
 
Microsoft Threat Protection Automated Incident Response
Microsoft Threat Protection Automated Incident Response Microsoft Threat Protection Automated Incident Response
Microsoft Threat Protection Automated Incident Response
 
Penetration Testing Azure for Ethical Hackers
Penetration Testing Azure for Ethical HackersPenetration Testing Azure for Ethical Hackers
Penetration Testing Azure for Ethical Hackers
 
Microsoft Threat Protection Automated Incident Response Demo
Microsoft Threat Protection Automated Incident Response DemoMicrosoft Threat Protection Automated Incident Response Demo
Microsoft Threat Protection Automated Incident Response Demo
 
Microsoft Secure Score Demo
Microsoft Secure Score DemoMicrosoft Secure Score Demo
Microsoft Secure Score Demo
 
Microsoft Cloud App Security Demo
Microsoft Cloud App Security DemoMicrosoft Cloud App Security Demo
Microsoft Cloud App Security Demo
 
M365 Attack Simulation Demo
M365 Attack Simulation DemoM365 Attack Simulation Demo
M365 Attack Simulation Demo
 
Cloud Security Demo
Cloud Security DemoCloud Security Demo
Cloud Security Demo
 
Azure Active Directory - External Identities Demo
Azure Active Directory - External Identities Demo Azure Active Directory - External Identities Demo
Azure Active Directory - External Identities Demo
 
Azure WAF
Azure WAFAzure WAF
Azure WAF
 
Azure Weekend 2020 Build Malaysia Bus Uncle Chatbot
Azure Weekend 2020 Build Malaysia Bus Uncle ChatbotAzure Weekend 2020 Build Malaysia Bus Uncle Chatbot
Azure Weekend 2020 Build Malaysia Bus Uncle Chatbot
 
Microsoft Azure的20大常见安全漏洞与配置错误
Microsoft Azure的20大常见安全漏洞与配置错误Microsoft Azure的20大常见安全漏洞与配置错误
Microsoft Azure的20大常见安全漏洞与配置错误
 
Integrate Microsoft Graph with Azure Bot Services
Integrate Microsoft Graph with Azure Bot ServicesIntegrate Microsoft Graph with Azure Bot Services
Integrate Microsoft Graph with Azure Bot Services
 
Azure Sentinel with Office 365
Azure Sentinel with Office 365Azure Sentinel with Office 365
Azure Sentinel with Office 365
 
3 Steps Integrate Microsoft Graph with Azure Bot Services
3 Steps Integrate Microsoft Graph with Azure Bot Services3 Steps Integrate Microsoft Graph with Azure Bot Services
3 Steps Integrate Microsoft Graph with Azure Bot Services
 
Data Science - The Most Profitable Movie Characteristic
Data Science - The Most Profitable Movie CharacteristicData Science - The Most Profitable Movie Characteristic
Data Science - The Most Profitable Movie Characteristic
 
Modernize your Security Operations with Azure Sentinel
Modernize your Security Operations with Azure SentinelModernize your Security Operations with Azure Sentinel
Modernize your Security Operations with Azure Sentinel
 

Recently uploaded

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptxHampshireHUG
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024The Digital Insurer
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonAnna Loughnan Colquhoun
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...apidays
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024The Digital Insurer
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking MenDelhi Call girls
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)Gabriella Davis
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024Results
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsEnterprise Knowledge
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Drew Madelung
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountPuma Security, LLC
 

Recently uploaded (20)

04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
04-2024-HHUG-Sales-and-Marketing-Alignment.pptx
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024Finology Group – Insurtech Innovation Award 2024
Finology Group – Insurtech Innovation Award 2024
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Data Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt RobisonData Cloud, More than a CDP by Matt Robison
Data Cloud, More than a CDP by Matt Robison
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024Tata AIG General Insurance Company - Insurer Innovation Award 2024
Tata AIG General Insurance Company - Insurer Innovation Award 2024
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024A Call to Action for Generative AI in 2024
A Call to Action for Generative AI in 2024
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
Strategies for Unlocking Knowledge Management in Microsoft 365 in the Copilot...
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 

20 common security vulnerabilities and misconfiguration in Azure

  • 1. 20 common security vulnerabilities and misconfiguration in Azure By Eng Soon Cheah Microsoft MVP @CheahEngSoon
  • 2. Who am I ? • Microsoft MVP – Microsoft Azure • Senior IT Developer in Big 4 • Microsoft Certified in Azure Security Engineer Associate
  • 3. Microsoft Azure TOP 20 vulnerabilities 1. A storage account accessible from the Internet 2. Storage accounts that allow insecure transfers 3. Lack of multi-factor authentication for privileged users 4. Lack of multi-factor authentication for joining devices 5. The free basic version of Azure Security Center lacks many necessary security features 6. Azure virtual network with basic DDoS protection 7. Unencrypted operating system and data disks 8. Missing email notifications in the Security Center 9. Missing log alerts in Azure Monitor 10. Azure NSG inbound rule is configured as ANY
  • 4. Continue… 11. Configure the public IP address as Basic SKU 12. Use dynamic IP addresses for public-facing services 13. Blob storage with anonymous read access 14. The number of guest users in Azure AD is too large 15. Insecure guest user settings in Azure AD 16. Unlimited access to Azure AD management portal 17. Azure Identity Protection feature is disabled by default 18. Azure Network Watcher is disabled by default 19. HTTPS is not mandatory for all web application traffic 20. Monitoring strategy in Azure Security Center
  • 5. 1. Storage account accessible from the Internet
  • 6. 2. Insecure transfer of storage accounts
  • 7. 3. Lack of multi-factor authentication for privileged users
  • 8. 4. Lack of multi-factor authentication for newly added devices
  • 9. 5. Free version of Azure Security Center
  • 10. 6. Basic DDoS protection for virtual networks
  • 11. 7. Unencrypted operating system and data disk
  • 12. 8. Missing email notifications in Security Center
  • 13. 9. Log alerts are missing in Azure Monitor
  • 14. 10. Azure NSG inbound rule is configured as ANY
  • 15. 11. The public IP address is configured as Basic SKU
  • 16. 12. Dynamic IP address for public-facing services
  • 17. 13. Blob storage with anonymous read access
  • 18. 14. High number of guest users in Azure AD
  • 19. 15. Insecure guest user settings in Azure AD
  • 20. 16. Unrestricted access to Azure AD management portal
  • 21. 17. Azure Identity Protection feature is disabled
  • 22. 18. Azure Network Watcher is disabled
  • 23. 19. HTTPS is not enforced for all web application traffic
  • 24. 20. Monitoring strategy in Azure Security Center
  • 25.
  • 26. References • My YouTube Channel https://www.youtube.com/c/mvponduty • Images Credit: aqniu-wx