...This presentation will give a background on Azure DevOps Services, along with showing how to perform several attacks against the cloud-based platform. These attacks will include reconnaissance, privilege escalation, persistence, and defense evasion. The attacks will be shown to bypass default Microsoft Sentinel analytic rules for Azure DevOps Services. Defensive guidance will be provided on protecting against these attacks and improving the default Microsoft Sentinel analytic rules for Azure DevOps Services. Additionally, X-Force Red's Azure DevOps Services attack toolkit (ADOKit) will be shown to perform and facilitate several of these attacks.
By: Brett Hawkins
Full Abstract and Presentation Materials:
www.blackhat.com/eu-23/briefi...