Secura speaks at DEF CON 2022: Presenting the Azure Cloud Hacking Tool

Roy Stultiens, a security expert at Bureau Veritas Cybersecurity, and Siebren Kraak, an IT and Cybersecurity student at Fontys Hogeschool, who did his graduation internship with Bureau Veritas Cybersecurity, developed a hacking tool for Azure Cloud security experts to help them learn about the potential security risks that occur when configurations are set up incorrectly. There are plenty of cloud security training tools out there, however, it was hard to find a proper one for Microsoft Azure Cloud. The tool is live now at BrokenAzure.Cloud and has been added to the portfolio of Bureau Veritas Cybersecurity's BrokenbyDesign line of ‘hackable’ apps for enthusiasts to exploit and learn from. Essentially it is a Capture The Flag tool, where the hacker will have to find the flags hidden in the tool. Hints can be given if the hacker requires them to get through.

As organizations move their networks from physical environments towards cloud environments such as those from Amazon and Microsoft, it increases the amount of risks and challenges. Setting up in the cloud might be more scalable and easier, but it requires other knowledge and expertise than setting up physical networks. Wrong configurations can lead to many security risks.

Ricardo Sanchez, a Senior Security Specialist, and Cloud Security Team Lead at Bureau Veritas Cybersecurity, has also been invited to speak at DEF CON this year at the Cloud Village on how to perform cloud security assessments and how to find common cloud misconfiguration.

Do you have any questions, or are you interested in Bureau Veritas Cybersecurity's Cloud Security services? Contact Bureau Veritas Cybersecurity at cybersecurity@bureauveritas.com or +31 88 888 3100