Purple Clouds: PowerZure
Presenting a purple teaming analysis of PowerZure, an open source offensive security tool that targets Microsoft Azure. Come learn how to use it for offensive research, or how to detect many of its modules in Azure's telemetry (complete with Sigma detection rules where applicable). The talk is based on my independent research into how to detect the tool from a defensive perspective, but will also include a demo of offensive functionality.
About the Presenter: Darin Smith
Darin is a security researcher at Cisco Talos who focuses on the public cloud and enjoys making life harder for threat actors. Previous affiliations include Amazon, the US government, University of California Davis and King's College London. In his spare time he plays cello and fiddle.