No announcement yet.

Nishant Sharma, Jeswin Mathai - Introduction to Azure Security

  • Filter
  • Time
  • Show
Clear All
new posts

  • Nishant Sharma, Jeswin Mathai - Introduction to Azure Security


    Thursday from 1400 to 1800
    EventBrite Link:

    In recent times, Azure has become one of the dominant cloud service providers. Most enterprises today have some infrastructure if not all deployed on the cloud and attackers are constantly on the hunt for finding a way into the infrastructure.

    Among the recent cloud hacks, around 97 percent are due to misconfigurations and various surveys suggest that in most cases, people were not aware of how misconfiguration can happen in various circumstances. Azure security is a mammoth in itself and a lot of people struggle in getting started with it, for the same reason many cloud administrators and developers are not aware of how misconfigurations and vulnerable applications can be leveraged to get a foothold on the account.

    This workshop is a power course for Azure security, we will first cover the fundamentals and building blocks of Azure then we will take a look at the threatscape and attack vectors.

    Skill Level: Beginner to Intermediate
    Materials Needed: A laptop with the latest web browser and network connectivity
    A Kali VM (Virtual Box, VMWare, WSL)

    Nishant Sharma is a Security Research Manager at INE where he manages the development of next-generation on-demand labs. Prior to INE, he worked as R&D Head of Pentester Academy (Acquired by INE) where he led a team of developers/researchers to create content and platform features for AttackDefense. He has also developed multiple gadgets for WiFi pentesting/monitoring such as WiMonitor, WiNX and WiMini. With over 9+ years of experience in development and content creation, he has conducted trainings/workshops at Blackhat Asia/USA, HITB Amsterdam/Singapore, OWASP NZ day, DEFCON USA villages. He has presented/published his work at Blackhat USA/Asia Arsenal, DEFCON USA/China, Wireless Village, Packet Village and IoT village. He has also conducted WiFi Pentesting training at Blackhat USA 2019, 2021. He had started his career as a firmware developer at Mojo Networks (Acquired by Arista) where he worked on new features for the enterprise-grade WiFi APs and maintenance of state-of-the-art WIPS. He has a Master degree in Information Security from IIIT Delhi. He has also published peer-reviewed academic research on HMAC security. His areas of interest include WiFi, Azure and Container security.

    Jeswin Mathai is a Senior Security Researcher at INE. Prior to joining INE, He was working as a senior security researcher at Pentester Academy (Acquired by INE). At Pentester Academy, he was also part of the platform engineering team who was responsible for managing the whole lab infrastructure. He has published his work at DEFCON China, RootCon, Blackhat Arsenal, and Demo labs (DEFCON). He has also been a co-trainer in classroom trainings conducted at Black Hat Asia, HITB, RootCon, OWASP NZ Day. He has a Bachelor degree from IIIT Bhubaneswar. He was the team lead at InfoSec Society IIIT Bhubaneswar in association with CDAC and ISEA, which performed security auditing of government portals, conducted awareness workshops for government institutions. His area of interest includes Cloud Security, Container Security, and Web Application Security.

    Max Class Size: 40
    Last edited by number6; July 4, 2022, 15:53.

  • #2
    I am having trouble finding a listing of the exact locations the different workshops will be held. Are there room/location assignments for this workshop yet?


    • number6
      number6 commented
      Editing a comment
      I do not work for workshops, or plan contests, events,villages, parties, etc. at DEF CON. You will have to wait for someone from workshops to answer this.

    • mailerdaemon
      mailerdaemon commented
      Editing a comment
      Apostle, it appears that they are all in Harrah's. If you look at teh eventbrite details it says a name at the beginning (like "Lake Tahoe" or "Copper"). I believe these will be the room names within Harrah's.

  • #3
    ..posted 48 minutes ago and its already sold out????


    • number6
      number6 commented
      Editing a comment
      A reason why workshop registration sign-up day/time is announce early, is because they tend to be popular, and registration spots go quickly. Consider this a learning experience for the next time you plan to attend a workshop: make sure to be ready to register the day and time that workshop registrations open, and prioritize the workshops you want to attend to most, first. Most people were unable to get their second choice for a workshop because by the time they completed registration for their first workshop, spots in the next most preferred workshop were also consumed.