7MS #466: Attacking and Defending Azure AD Cloud (CARTP)
1 min read Podcast, Pentesting, CARTP

7MS #466: Attacking and Defending Azure AD Cloud (CARTP)

SafePass.me is the only enterprise solution to protect organizations against credential stuffing and password spraying attacks. Visit safepass.me for more details, and tell them 7 Minute Security sent you to get a 10% discount!

Welp, I need another security certification like I needed a punch to the retinas, but even after all the fun (and pain) of CRTP I couldn't help but sign up for the maiden voyage of Attacking and Defending Azure AD Cloud - a.k.a. CARTP. This cert comes to us from our friends over at Pentester Academy, and is all about pwning things in Azure AD which is mostly new ground for me.

I this episode I talk about some of the TTPs covered in week 1 of this course, as well as:


  • Courses offered on Saturday (I'm usually pooped for these sessions, but it's easier than taking time during the work week)

  • Student portal - and especially the student guide! - is more polished, easy to read, and easy to copy/paste from.


  • On Saturdays I'm a sleepy Brian. :-)

  • I still wish the course was designed such that we would go through various hands-on-keyboard exercises with the instructor, not just watch.

  • Use of Discord as main comms channel - it causes anxiety for me...too many blips and bloops and blurps with all the notifications. It's also frustrating that the instructor takes questions from Discord sometimes without repeating the question, thus making it hard to figure out what everybody was talking about if I watch the Zoom reply.