Menu Icon
< back to main
 • 5 min read

How to Perform Azure Pentesting

Learn about various Azure vulnerabilities and how to best approach Azure cloud security.

How to Perform Azure Pentesting
Jacob Fox
Jacob Fox

Jacob Fox is a search engine specialist at Cobalt. With a passion for technology, Jacob believes in the mission at Cobalt to transform traditional pentesting with the innovative Penetration Testing as a Service (PtaaS) platform focused on empowering companies to build out their pentesting programs.

Want to see the platform in action?
get a demoArrow Right
Want to see the platform in action?
get a demoArrow Right

Companies are benefiting from an increasing supply of cloud services. The ability to outsource features and functions creates an environment of flexibility and scale that would be too costly to undertake individually. One suite that companies frequently turn to is Microsoft's Aure.

Like many other cloud platforms, Microsoft Azure offers over 200 cloud-based services that help streamline a company's operations. However, there is a compromise that needs to be understood when adopting Azure. Companies have access to various resources and seamless integration but at the cost of control.

There are some aspects and responsibilities that are shared between the two parties. One such role that is divided relates to some of the components of Microsoft Azure security.

With a rise of attacks against Azure’s three major pillars, Authentication and Authorization (Azure AD and RBAC), Storage, and Network, it’s wise to adopt a frequent Azure pentesting policy. Let’s dive deeper into the various Azure vulnerabilities and address how to remediate Azure cloud security.

Azure Pentesting: Two Model Options

Azure users can choose between two different deployment models when managing the service’s solutions. These two models are not compatible as the user works with them through two different API sets. The deployment models consist of:

Classic Deployment

Classic deployment is not able to group related resources. Instead, each resource needs to be manually tracked and managed independently. Deploying resources requires attention to detail as it needs to be done in the correct order.

If there was a solution that you wanted to remove, each one had to be deleted individually.

The classic approach highlights many Azure problems that have been successfully updated. Azure issues such as tagging resources and updating access control policies between interconnected resources have been remedied with the release of the second model.

Resource Management Mode

The introduction of resource management mode improved Azure security and increased its ease of use. This model can deploy, manage, and group related resources into a single entity.

When updating access control policies, apply these to the entire group and any new resources added to the group. This mode also allows a user to define the dependencies between resources, meaning deployment will occur in the correct order.

When deploying resource management mode, operators will also have access to the Azure Resource Manager (ARM). ARM allows for a universal standardization over a company’s cloud-solutions security.

However, regardless of which mode an organization deploys, it is still at risk of dangerous cyberattacks—as with any threat to a system, being aware of it is the most effective preventative measure. As more people adopt Azure, it will continue to grow in complexity, lending credence to the need for continual Azure pentesting.

An Azure pentest will be able to identify if a system is vulnerable to the three primary forms of a cyberattack against the cloud platform:

  • Ransomware attack
  • Threats to public and private IP addresses
  • Overtaking Azure's Privileged Identity Management (PIM)

Establishing Access Levels in Azure Cloud

After a company chooses which model it wants to deploy, it’s time to set up management access and ensure the implementation of multi-factor authentication (MFA) for additional security.

From here, it is necessary to establish roles that limit user activity. Azure provides three generic resource access levels: ‘Owner, Contributor, and Reader.’ However, if these rules don't fully entail everything a particular individual needs to use Azure, management can establish specific permissions.

Keep in mind that any amendments made to the core roles invites added risk.

Azure Cloud Security

Since the primary business model behind Azure is to provide cloud-based solutions, it stands to reason that security is a primary concern. However, by offering features such as Infrastructure as a Service (IaaS), Platform as a Service (PaaS), and Software as a Service (SaaS,) a window of opportunity opens up for malicious hackers, that would be much more difficult to access if the company used an on-premise platform.

While Microsoft has expanded its Azure Security Center, the responsibility of hardening a system is shared. This shared responsibility means that companies are accountable for conducting their own Azure pentest.

Even with the Azure Security Center and its tools to detect security vulnerabilities and threats, the advanced tools are hidden behind a paywall.

To ensure that its resources are fully secured, a company will need to contract a security professional experienced with Azure pentesting.

Azure Vulnerabilities & Encryption

Microsoft's Azure delivers a great feature known as Data Encryption at Rest. This security component uses symmetric encryption to encrypt and decrypt vast quantities of data rapidly.

While this feature is a hallmark of any digital security, companies should be aware that the core responsibility of securing private information within the cloud is that of the client and not the service provider.

It’s up to an organization to safeguard its data by employing a security professional familiar with Azure pentesting. If a company has any of the following issues, it may be at risk to attack:

  • Storage accounts accessible from the internet
  • Lack of multi-factor authentication for privileged users
  • Azure Security Center without standard tier protection
  • Azure Virtual networks with Basic DDoS protection
  • Unencrypted OS and Data disks
  • A high number of guest users in Azure AD
  • HTTPS only traffic is not enforced for all web apps

This list is not exhaustive but highlights many areas that a criminal can use to exploit a system.

Cobalt Can Help

To ensure that your Azure services are compliant and secure from cyberattacks, learn more about how Pentest as a Service (PtaaS) can empower your Azure pentesting needs. As leaders in the digital security industry, the team of experts at Cobalt is well-versed in Azure pentesting.

Modernizing PentestingSecurity Team Blog

Related Stories

AWS Cloud Security: How to Look for and Prevent the Most Common Pentest Vulnerabilities
AWS Cloud Security: How to Look for and Prevent the Most Common Pentest Vulnerabilities
Explore the most common security flaws in AWS environments, how to prevent them, and strategies for improving your AWS cloud security.
Read moreArrow Right
AWS Pentesting: An Essential Guide
AWS Pentesting: An Essential Guide
As AWS capabilities continue to grow, the need for AWS pentesting increases. Learn about Cobalt’s AWS pentesting services here.
Read moreArrow Right
Cobalt Platform Deep Dive: Pentest Coverage Checklist
Cobalt Platform Deep Dive: Pentest Coverage Checklist
The Coverage Checklist is a list of checks that guides pentesters into following a baseline of security controls depending on the test’s requirements.
Read moreArrow Right

Never miss a story

Stay updated about Cobalt news as it happens