	245 8th Street San Francisco, CA 94103

FOR IMMEDIATE RELEASE

CONTACT:

Natalie Gleason

Marketing Associate

415.294.3739

media@nostarch.com

Pentesting Azure Applications

A practical guide to conducting security assessments in Azure

San Francisco, CA (August 28, 2018) � Pentesting Azure Applications ($39.95, 216 pp., July 2018) is a comprehensive guide to penetration testing cloud services deployed in Microsoft Azure, the popular cloud computing service provider used by numerous companies. Readers first learn how to approach a cloud-focused penetration test and how to obtain the proper permissions to execute it. They then learn how to perform reconnaissance on an Azure subscription, gain access to Azure Storage accounts, dig into Azure�s Infrastructure as a Service (IaaS), and:

Uncover weaknesses in virtual machine settings that enable them to acquire passwords, binaries, code, and settings files
Use PowerShell commands to find IP addresses, administrative users, and resource details
Find security issues related to multi-factor authentication and management certificates
Penetrate networks by enumerating firewall rules
Investigate specialized services like Azure Key Vault, Azure Web Apps, and Azure Automation
View logs and security events to find out when they�ve been caught

Packed with sample pentesting scripts, practical advice for completing security assessments, and tips that explain how companies can configure Azure to foil common attacks, Pentesting Azure Applications is a clear overview of how to effectively perform cloud-focused security tests and provide accurate findings and recommendations. With a tone that makes its contents easy to digest, the reader can expect to walk away with a good understanding of how Azure can be used securely and how to measure that security effectively.

�END�

Author Bio

Matt Burrough is a senior penetration tester on a corporate red team, where he assesses the security of cloud computing services and inter�nal systems. He holds a bachelor�s degree in networking, security, and system administration from Rochester Institute of Technology and a master�s degree in computer science from the University of Illinois at Urbana-Champaign.

About No Starch Press

San Francisco�based No Starch Press has published the finest in geek entertainment since 1994�bestsellers like Python Crash Course, Python for Kids, The Linux Command Line, How Linux Works, and Hacking: The Art of Exploitation. Our titles have personality and attitude, our authors are passionate about their subjects, and our editorial team puts every book through a rigorous process of developmental editing, tech review, design, and production.