Azure Application Security Series — Part 1 — What I will be covering -

In this series of blogs, we will be diving into Azure Application Security topics. In this first part, I will discuss about the -

Bloggertech

~2 min read · December 3, 2024 (Updated: December 3, 2024) · Free: Yes

1) Topics covered for this series, 2) Frequency of these parts, 3) Explanation style, 4) My credentials and CyberSecurity Certifications.

This multi-part series is for anyone who is beginning to learn about Azure App Security, learn about Azure Penetration Testing, use tools in that evades / bypass MDI ( Microsoft Defender for Identity ), MDE (Microsoft defender for cloud ) etc. Currently I am learning this certification ( CAWASP — Certified Azure Web App Security Professional ), so I thought it would be a great idea to put together in writing about what I learn.

1) Topics covered for this series — Here are the high level topics that we will cover for the entire series.

- Azure Services Recon and Enumeration

- Various App Services available in Azure

- Authentication and Authorization processes

- Azure WAF

- App Registration, Enterprise Apps and Conditional Acceess Policy

- Function Apps

- Key Vaults

- Storage Accounts

- Databases

- Application Proxy and Azure API Management

- Microsoft Defender for Cloud and Microsoft Defender for Cloud Apps

- Defense and Detection.

2) Frequency of these parts ( series of blogs ) — The frequency would be almost daily. You will find an article almost every day.

3) Explanation style — I will introduce a topic with a heading, then write some content about it and finally give some examples and screenshots. This way the explanation would be a bit clear and would seem more understandable. The topics would be laid out mostly in indentation format. A topic would be discussed, then points for that topic would be neatly indented below the topic name so that readers have a focus on that topic. An Example layout is given below:

- Topic1 -

- Topic1 Explanation — Topic1 Explanation — Topic1 Examples and Relevant images

- Topic2 -

- Topic2 Explanation — Topic2 Explanation — Topic2 Examples and Relevant images

4) My Credentials and CyberSecurity Certifications -

- I have earned around 6–7 CyberSecurity Certifications including — eJPT (eLearn Junior Penetration Tester ), CRTP ( Certified Red team Professional ), eWPT (eLearn Certified Web Penetration Tester ), CRTE ( Certified Red team Expert ), CARTP ( Certified Azure Red Team Professional ) , ADCS — CESP ( Certified Enterprise Security Professional ).

- Currently, I am pursuing CAWASP ( Certified Azure Web App Security Professional ).

5) My Other Credentials and Certifications — Azure (x7 ), CCNA, Comptia Cysa+, Comptia CASP+, Comptia Pentest+.

Feedbacks are welcome in comments section, personal email.

Please do share this amongst your group, like-minded people interested in Azure App Security.

Link to CAWASP — https://www.alteredsecurity.com/azureappsec

List of my other stories — https://medium.com/@bloggertech927

#azure-app-security #azure-security #azurepenetrationtesting #azure

Azure Application Security Series — Part 1 — What I will be covering -

In this series of blogs, we will be diving into Azure Application Security topics. In this first part, I will discuss about the -

Reporting a Problem