In this course, we will explore the attack and defense aspects of various vulnerabilities, including Template Injection and Yaml Deserialization on Azure Functions. Additionally, we will delve into run-time event-based attacks like YAML Deserialization and XXE on Azure Functions.
Finally, we will analyze defense strategies such as the importance of logging system and application logs in log analytics and syslog for effective incident management. Furthermore, we will examine how Private Links and Private Endpoints can aid in secure communication.
Azure Security Functions
Azure Template Injection - Attack
Azure Template Injection - Defense
Azure YAML Deserialization - Attack
Azure YAML Deserialization - Defense
Azure XXE Blob Trigger
Azure YAML Deserialization - Blob Trigger
Azure Private Link with Private End Point
Azure Sentinal Syslog
Attacking and Defending Azure functions
Template Injection Attack and Defence with Azure functions
Yaml Deserialization Attack and Defence with Azure functions
Runtime Attack / Event Injection on Azure functions
Azure Functions YAML Deserialization with blob Trigger
Azure Functions XXE with blob Trigger
Azure Functions Defence
Logging SysLogs in Azure Sentinel for Incident Management
Creating Private links and Private Endpoints for secure communication