The cloud landscape is experiencing an unprecedented surge in highly sophisticated cyber-attacks. Malicious threat actors are moving beyond traditional exploits against on-premises environments and are targeting cloud infrastructure instead. These attacks can include intricate maneuvers such as lateral movement, exploiting misconfigurations, orchestrating supply chain attacks, deploying ransomware on cloud data, and more. Critical cloud resources such as databases and storage are at risk.
Security Training in Azure: A Non-Negotiable Imperative:
As organizations increasingly embrace cloud services like Azure, it is imperative for them to develop robust defense capabilities in cloud environments to effectively secure their cloud resources against cloud-based threats.
Elevate Your Cloud Skills with Azure Labs and Live-Fire Exercises
To empower its customers that operate on the Azure platform to safeguard their Azure cloud environment, Cyberbit’s cloud platform offerings also include Azure, providing hands-on skill development in the Azure network.
This means that Cyberbit customers can uniquely dive deep into hands-on experiences on the Azure platform, learning its distinct services and adhering to Azure best practices. SOC teams go from “zero to Azure hero” starting with labs that teach the basics of security and continuing with live-fire exercises that teach detection, investigation, response, and forensics.
Cyberbit’s live-fire exercise, “Double Extortion”, is the first of its exercises using this new infrastructure:
Benefits to Cyberbit Customers
Here are a few of the ways that Cyberbit customers benefit from practicing in the Azure cloud environment:
- Hands-on experience with the Azure platform: Trainees can gain valuable experience with the Azure platform, including its unique services and best practices. This will help them to be more prepared for the challenges of the real world.
- Access to a wide range of Azure services: Trainees will have the opportunity to explore and use a wide range of Azure services. This will give them a deeper understanding of the Azure platform and its capabilities. They will learn how to navigate through the investigation process and uncover critical findings about an attack.
- Specialized units on Azure vulnerabilities: Cyberbit plans to release specialized learning units that focus on the vulnerabilities of the Azure platform. This will give trainees the opportunity to learn about and practice mitigating these vulnerabilities.
In addition to the above benefits, the Azure infrastructure also offers the following capabilities:
- The ability to connect to every endpoint within the Azure network: Trainees can connect to every endpoint, including SOC stations, servers, and web servers. This will allow them to actively investigate attacks directly from these endpoints.
- Exclusive credentials for the Azure portal: Trainees will receive exclusive credentials for the Azure portal, conveniently displayed in the network information. Within the Azure portal, they will delve into a new dimension that offers an additional avenue for investigating the attack. The ability to investigate both from the endpoints themselves and the portals completes the overall investigation experience.
Examples of services that can be investigated within the Azure portal.
- Storage account service: This service allows management of data objects like files. During the investigation, trainees may find files uploaded by the attacker.
- Azure AD service: This service provides the ability to manage end-user identities and access privileges. During the investigation, trainees may discover compromised credentials.
The ability to check whether trainees successfully executed required actions on Azure virtual endpoint: The new infrastructure comes with the ability to check whether learners successfully executed required actions on Azure virtual endpoints. This allows them to not only identify vulnerabilities but actively implement solutions within the Azure environment.
The Debut of our Live-Fire Azure Exercise
Cyberbit’s dedication to providing the most effective training experience to its customers is exemplified by the introduction of our “Double Extortion” exercise. This exercise enables cyber defense teams and trainees to refine their investigative skills against threats to the Azure infrastructure and gain a thorough understanding of its potential vulnerabilities and risks. Additionally, including Azure as part of our cloud offerings means that SOC team professionals are equipped with valuable hands-on experience on a widely adopted cloud platform, fostering a deep understanding of its unique services and potential vulnerabilities.
Empower your cloud security with Azure expertise: Request a demo to learn more about our new live-fire “Double Extortion” exercise.