Purple Clouds: PowerZure
Presenting a purple teaming analysis of PowerZure, an open-source offensive security tool that targets Microsoft Azure. Come learn how to use it for offensive research, or how to detect many of its modules in Azure's telemetry (complete with Sigma detection rules where applicable). The talk is based on my independent research into how to detect the tool from a defensive perspective, but will also include a demo of offensive functionality.