Hi!

Its my immense pleasure to share you that I have been awarded as Microsoft Most Valuable Professional (MVP) for the 6th time.

Honored and humbled to have been rewarded as a Microsoft Most Valuable Professional (MVP) for the 6th time! #AzureSecurity #CloudSecurity #MVPBuzz

— Maxime Coquerel (@zig_max) July 5, 2022

I would like to thanks Microsoft MVP Award team, Betsy and Rochelle. Finally, thanks to all my colleagues, blog readers and commentators. Congratulations to all the new and renewed MVP!

Maxime.

Hi!

Two weeks ago, I had the pleasure to give a talk for the Global Azure 2022 – Quebec City Chapter about the Cloud Security Training.

Maxime.

Hi!

In this article, I will show you how you can scan an Azure Blob to identity potential public storage containers. By default when you create a new container, you have 3 options to define the public level access:

• Private: No public access to this container (default configuration).
• Blob: Public access is permitted to this container and its blobs.
• Container: Public access is permitted to blobs in this container, but not to the container itself.

To leverage this attack, we will use a function including in the MicroBurst tool.

Invoke-EnumerateAzureBlobs -Base yourcompanyname

In this example, I will use an additional containerlist file with some folders examples (dev, non, prod, devprod, ….)

Invoke-EnumerateAzureBlobs -Base zigmaxlab -Folders .\containerlist.txt

Maxime.