Azure Security Fundamentals - SO-CON 2025 (In-person & Virtual; US Time)

Have you found yourself in a job role needing to attack or defend Azure architecture? Has your fast-paced organization moved to the cloud while leaving security to catch up? Azure Security Fundamentals cuts through the fog of the cloud by building participants' understanding of Azure's infrastructure components, common architecture designs, and security controls in the context of the attacker lifecycle. Through hands-on labs, this course also teaches participants how to identify misconfigurations in Azure that are commonly leveraged by attackers. Participants should expect to walk away from Azure Security Fundamentals with a strong foundation of Azure security knowledge and first step on their journey of attacking or defending corporate Azure environments.

Course Summary

Get You Head in the Clouds! This course will teach participants the fundamentals of Azure, with a focus on security informed by attacker insight. Participants will build on this knowledge through an understanding of how Azure architectures, like solely cloud-based environments or hybridized on-premises and Azure environments, can affect the overall security of an environment. Participants reinforce what they learn through hands-on labs throughout the course and through guidance given by SpecterOps practitioners instructing the class.

Course Syllabus

Day 1

• Class Introduction
• Azure Basics
• Accounts and Identities
• Roles
• Groups

Day 2

• Function Apps
• Microsoft 365
• Virtual Machines
• MS Graph

Day 3

• OAuth
• Authentication Mechanisms
• Credential and Identity Syncing Mechanisms

Day 4

• Conditional Access Policies
• External Information Gathering
• Credential Collection
• Attack Lifecycle

SO-CON Training Benefits

This course is a part of the SO-CON 2025 event. Attend the SO-CON 2025 conference for FREE by adding the SO-CON 2025 ticket to your training order!

Stay tuned for announcements about more SO-CON training benefits!

Participant Requirements

Azure Security Fundamentals is intended for security professionals of any experience level looking to learn more about the foundations of Azure security and common attacks against it.
This course assumes no prior Azure knowledge, though participants would benefit from previous exposure to an enterprise Azure environment and previous general offensive or defensive security experience.

Hybrid (Virtual) Attendance

If traveling to Arlington, VA isn't feasible, you can opt to take this course virtually online through Zoom. You will receive the same training portal access and watch the live instruction. However, the virtual training is not part of SO-CON - remote attendees will NOT receive any of the exclusive benefits that come with in-person training, including a free ticket to the SO-CON summit.
Remote attendees will receive logistics emails and credentials the week before the trainings.

FAQs

How can I contact the organizer with any questions?

Please email training@specterops.io with any questions.  

What's the refund policy?

Full refunds will be provided up to 7 days before the course start date.

What are the hardware requirements for attending the course?

Courses are based in the SpecterOps training portal and accessible via an internet connection; no VMs are required for labs. The following are recommended hardware requirements:

• Internet Connection
• 8GBs of RAM
• Modern Web Browser capable of rendering HTML5