Check out The NetSPI Platform, our all-in-one proactive security solution.
NetSPI PTaaS
Shift projects to programs with contextualized pentesting in a technology-enabled, human-delivered, platform.Application Pentesting
Secure your web, mobile, thick, and virtual applications and APIs.AI/ML Pentesting
Reduce the risk of using AI in your environment with testing and jailbreaking for LLMs.Cloud Pentesting
Secure your AWS, Azure, and Google cloud infrastructures.Blockchain Pentesting
Uncover and understand blockchain security concerns.Network Pentesting
Secure your internal, external, wireless, and mainframe networks.Secure Code Review
Find application security vulnerabilities in your source code with SAST tools and manual review.SaaS Security Assessment
Discover and remediate SaaS configuration instances and app vulnerabilities.Hardware Systems
Find vulnerabilities that could put your IoT, automotive, medical device, ATM, OT, and other cyber-physical systems at risk.Red Team
Simulate attacks to assess detection, response, and recovery capabilities across people, processes, and technology.Threat Modeling
Identify potential threats to your company’s systems and applications through a holistic program.Cybersecurity Maturity Assessment
Define prioritized steps to advance your security program.Social Engineering
Conduct email, phone, or physical security social engineering tests.Watch the first webinar in our Lunch & Learn Series below!
With the increase in hybrid cloud adoption, that extends traditional active directory domain environments into Azure, penetration tests and red team assessments are more frequently bringing Azure tenants into the engagement scope. Attackers are often finding themselves with an initial foothold in Azure, but lacking in ideas on what an escalation path would look like.
In this webinar, Karl Fosaaen covers some of the common initial Azure access vectors, along with a handful of escalation paths for getting full control over an Azure tenant. In addition to this, he covers some techniques for maintaining that privileged access after an initial escalation. Throughout each section, he shares some of the tools that can be used to help identify and exploit the issues outlined.