Overview of Cloud Penetration Testing when your host is Microsoft Azure
First, when you are using one of the two biggest SaaS platforms for your system architecture and enabling multiple services, you would think your sensitive data is totally secure.
1. What is Azure?
Microsoft Azure is an ever-expanding set of cloud services helping your organization meet your business challenges. It’s the freedom to build, manage, and deploy applications on a massive, global network using your favorite tools and frameworks.
2. What kind of services does it provide?
Many, including:
- Load Balancer
- Azure Cosmos DB
- Azure Active Directory
3. It’s a Microsoft product. Why is it vulnerable?
Microsoft states that:
“We don’t pentest your application for you, but we do understand that you will want and need to perform pentesting on your own applications. That’s a good thing, because when you enhance the security of your applications, you help make the entire Azure ecosystem more secure.”
Now begin with Azure Pentesting
From an ethical hacker’s perspective, we test vulnerabilities in the following phases:
We will look into the complete list of Azure services, from web hosting to databases, secret key storage, and machine learning. With so many offerings, it is hard to determine which services and features are misconfigured for which customers and how that can lead to dangerous vulnerabilities.
- Examining Storage:
We will look into storage-related vulnerabilities such as problems with repudiation, authorization, and remediation. For example, developers often embed storage keys in their code or configuration files without considering the security risk.
- Targeting Virtual Machines:
We will discuss how to obtain the virtual hard disk (VHD) images for virtual machines, without ever gaining Azure portal access.
- Investigating Networks:
We will discuss conventional firewall configuration tactics that can leave services vulnerable to attack. We will also discuss how attackers can leverage Azure’s tunnels to compromise a network.
- Other Azure Services:
We will discuss some of the newer, lesser-used, and unique Azure services, and examine the ones that are interesting from a security perspective, such as Key Vault.
- Monitoring, Logs, and Alerts:
We will discuss the monitoring tools, logs, and alerts, and how you and your team can review them to detect malicious activity.
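The embedded storage key problem mentioned under "Examining Storage" is something a team can check its own repositories for. The following is an added example, not part of the original post: a small Python scanner that flags values shaped like Azure Storage account keys in code or configuration text and reports them redacted. The function names, the `examplestore01` account, and the sample config are constructed for illustration.

```python
import base64
import re

# An Azure Storage account key is 64 random bytes: 88 base64 characters ending in "==".
KEY_RE = re.compile(r"(?<![A-Za-z0-9+/])[A-Za-z0-9+/]{86}==")
NAME_RE = re.compile(r"AccountName=([a-z0-9]{3,24})", re.IGNORECASE)


def is_key_shaped(candidate: str) -> bool:
    """Decodes to exactly 64 bytes and has enough distinct characters to rule out fillers."""
    try:
        raw = base64.b64decode(candidate, validate=True)
    except ValueError:  # binascii.Error is a ValueError subclass
        return False
    return len(raw) == 64 and len(set(candidate)) > 8


def scan_text(path: str, text: str) -> list:
    """Return one finding per key-shaped value; the key itself is never echoed in full."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for match in KEY_RE.finditer(line):
            key = match.group(0)
            if not is_key_shaped(key):
                continue
            name = NAME_RE.search(line)
            findings.append({
                "file": path,
                "line": lineno,
                "kind": "connection-string" if "AccountKey=" in line else "bare-key",
                "account": name.group(1) if name else None,
                "redacted": key[:4] + "..." + key[-4:],
            })
    return findings


# Constructed sample input: the key is base64 of bytes 0..63, not a real credential.
SAMPLE_KEY = base64.b64encode(bytes(range(64))).decode()
SAMPLE_CONFIG = "\n".join([
    '<add key="Storage" value="DefaultEndpointsProtocol=https;AccountName=examplestore01;'
    f'AccountKey={SAMPLE_KEY};EndpointSuffix=core.windows.net" />',
    '<add key="Template" value="AccountKey=' + "A" * 86 + '==" />',
    f'storage_key = "{SAMPLE_KEY}"',
])

if __name__ == "__main__":
    for finding in scan_text("web.config", SAMPLE_CONFIG):
        print(finding)
```

Any key this turns up should be rotated and moved out of the repository, since removing the line does not remove it from version history.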
We will explain all these phases one by one in subsequent posts.