{"id":1291,"date":"2024-09-09T22:35:31","date_gmt":"2024-09-09T20:35:31","guid":{"rendered":"https:\/\/www.jussimetso.com\/?p=1291"},"modified":"2024-09-09T23:56:37","modified_gmt":"2024-09-09T21:56:37","slug":"microsoft-cloud-attack-and-defense-bootcamp","status":"publish","type":"post","link":"https:\/\/www.jussimetso.com\/index.php\/2024\/09\/09\/microsoft-cloud-attack-and-defense-bootcamp\/","title":{"rendered":"Microsoft Cloud Attack and Defense Bootcamp"},"content":{"rendered":"<div id=\"bsf_rt_marker\"><\/div>\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"1291\" class=\"elementor elementor-1291\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-f035e8a elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"f035e8a\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-b0092cb\" data-id=\"b0092cb\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-7eb863b elementor-toc--minimized-on-tablet elementor-widget elementor-widget-table-of-contents\" data-id=\"7eb863b\" data-element_type=\"widget\" data-e-type=\"widget\" data-settings=\"{&quot;exclude_headings_by_selector&quot;:[],&quot;headings_by_tags&quot;:[&quot;h2&quot;,&quot;h3&quot;,&quot;h4&quot;,&quot;h5&quot;,&quot;h6&quot;],&quot;marker_view&quot;:&quot;numbers&quot;,&quot;no_headings_message&quot;:&quot;No headings were found on this page.&quot;,&quot;minimize_box&quot;:&quot;yes&quot;,&quot;minimized_on&quot;:&quot;tablet&quot;,&quot;hierarchical_view&quot;:&quot;yes&quot;,&quot;min_height&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]},&quot;min_height_tablet&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]},&quot;min_height_mobile&quot;:{&quot;unit&quot;:&quot;px&quot;,&quot;size&quot;:&quot;&quot;,&quot;sizes&quot;:[]}}\" data-widget_type=\"table-of-contents.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<div class=\"elementor-toc__header\">\n\t\t\t\t\t\t<h4 class=\"elementor-toc__header-title\">\n\t\t\t\tTable of Contents\t\t\t<\/h4>\n\t\t\t\t\t\t\t\t\t\t<div class=\"elementor-toc__toggle-button elementor-toc__toggle-button--expand\" role=\"button\" tabindex=\"0\" aria-controls=\"elementor-toc__7eb863b\" aria-expanded=\"true\" aria-label=\"Open table of contents\"><i aria-hidden=\"true\" class=\"fas fa-chevron-down\"><\/i><\/div>\n\t\t\t\t<div class=\"elementor-toc__toggle-button elementor-toc__toggle-button--collapse\" role=\"button\" tabindex=\"0\" aria-controls=\"elementor-toc__7eb863b\" aria-expanded=\"true\" aria-label=\"Close table of contents\"><i aria-hidden=\"true\" class=\"fas fa-chevron-up\"><\/i><\/div>\n\t\t\t\t\t<\/div>\n\t\t\t\t<div id=\"elementor-toc__7eb863b\" class=\"elementor-toc__body\">\n\t\t\t<div class=\"elementor-toc__spinner-container\">\n\t\t\t\t<i class=\"elementor-toc__spinner eicon-animation-spin eicon-loading\" aria-hidden=\"true\"><\/i>\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6a397b5 elementor-widget elementor-widget-heading\" data-id=\"6a397b5\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Overview<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-557ae1e elementor-widget elementor-widget-text-editor\" data-id=\"557ae1e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>I had a change to partipate new <span style=\"text-decoration: underline;\"><a href=\"https:\/\/bootcamps.pwnedlabs.io\/mcrtp-bootcamp\" target=\"_blank\" rel=\"noopener\">Microsoft Cloud Attack and Defense bootcamp<\/a><\/span> hosted by <a href=\"https:\/\/pwnedlabs.io\/\" target=\"_blank\" rel=\"noopener\"><span style=\"text-decoration: underline;\">pwned labs<\/span><\/a>.\u00a0 I learned a lot but need to practice more for the exam.<\/p><p>So if you interested to become a <strong>penetration tester<\/strong>, <strong>red team operator<\/strong> or<strong> cloud security professional focused on Azure and M365<\/strong>, this learning path is something you could check.<\/p><p>The realistic labs simulate actual company environments and active users across Azure and Microsoft 365, that you are likely to come across during engagements or in your own organization.<\/p><ul><li><p>Identify, replicate and detect tradecrafts from recent cloud breaches<\/p><\/li><li><p>Explore various methods to complete the same tasks and become tool-agnostic<\/p><\/li><li><p>Learn how to <span style=\"text-decoration: underline;\">evict threats<\/span> and rotate\/reset various forms of credentials<\/p><\/li><\/ul><p>Bootcamp showcases trending techniques and tradecraft used by real threat actors, including Storm-0558 and APT-29.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-01502bd elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"01502bd\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-3690a6a elementor-widget elementor-widget-heading\" data-id=\"3690a6a\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Bootcamp's learning possibilities<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-823028e elementor-widget elementor-widget-text-editor\" data-id=\"823028e\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>It has four live sessions and learning paths with labs of course:<\/p><ol><li>Getting initial access to the Microsoft Cloud<\/li><li>Attacking M365, abusing tokens and bypassing MFA<\/li><li>Attacking and defending Azure resources<\/li><li>Purple and blue teaming in Azure<\/li><\/ol><p>The bootcamp starts from basics\u00a0 like AZ-900 but it starts going deep very quickly. And if you know \/ understand the following topics this should be easy:<\/p><ul><li>Understanding key Azure, Entra ID and Microsoft Graph concepts<\/li><li>Leveraging Azure resources to gain initial access and move laterally<\/li><li>Using modern phishing frameworks to gain initial access<\/li><li>Performing token abuse for lateral movement<\/li><li>Hands-on purple teaming in Azure<\/li><li>Increasing resource access through Office\/Microsoft 365<\/li><li>Exploiting Conditional Access Policy \/ MFA enablement gaps<\/li><li>Attacking and defending Azure App Services<\/li><li>Creating Azure and Microsoft 365 tenant security reports<\/li><li>Detecting threats with Microsoft Sentinel<\/li><li>Lateral Movement from Azure to on-premises AD, and back!<\/li><\/ul><p>You can learn them during the bootcamp but of course labs and the test can be harder then.\u00a0<\/p><p>After the bootcamp it&#8217;s possible to participate <a href=\"https:\/\/bootcamps.pwnedlabs.io\/mcrtp-bootcamp-faq\" target=\"_blank\" rel=\"noopener\"><span style=\"text-decoration: underline;\"><strong>Microsoft Cloud Red Team Professional (MCRTP)<\/strong><\/span><\/a> exam.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-7769f44 elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"7769f44\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-149084b elementor-widget elementor-widget-heading\" data-id=\"149084b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Sessions in the bootcamp<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d726177 elementor-widget elementor-widget-text-editor\" data-id=\"d726177\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>I will shortly present what kind of content are included in different sessions.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-132a03f elementor-widget elementor-widget-heading\" data-id=\"132a03f\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Getting initial access to the Microsoft Cloud<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f2c29f6 elementor-widget elementor-widget-text-editor\" data-id=\"f2c29f6\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>After covering the required theory on Azure and Entra ID, you&#8217;ll learn about ARM, Microsoft Graph, and various techniques for user enumeration, including internal authenticated and external unauthenticated methods. You&#8217;ll then get hands-on with techniques to gain Azure initial access, from on-premises, password spraying, subdomain and blob container enumeration and\u00a0phishing.<\/p><p>The associated learning path for this session provides a solid introduction to Azure security.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d63d57b elementor-widget elementor-widget-image\" data-id=\"d63d57b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img fetchpriority=\"high\" decoding=\"async\" width=\"239\" height=\"211\" src=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/mcrtp_graph.png?fit=239%2C211&amp;ssl=1\" class=\"attachment-large size-large wp-image-1442\" alt=\"\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d669237 elementor-widget elementor-widget-heading\" data-id=\"d669237\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Attacking M365, abusing tokens and bypassing MFA<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-bebcc79 elementor-widget elementor-widget-text-editor\" data-id=\"bebcc79\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>In this next part you&#8217;ll explore various aspects of tokens, including types, scopes, locations, and formats. You&#8217;ll get hands-on with token abuse for lateral movement in Azure and M365 We&#8217;ll also identify MFA gaps using various tools, and harvest data from M365 using GraphRunner and direct API calls. The session includes a demonstration of <a href=\"https:\/\/aadinternals.com\/\" target=\"_blank\" rel=\"noopener\"><span style=\"text-decoration: underline;\">AADInternals<\/span><\/a> and hands-on activities to create and bypass CAP challenges.<\/p><p>In the associated learning path for this session you&#8217;ll get hands-on with exfiltrating data from M365 using GraphRunner, create phishing lures and infrastructure to exploit active users, and capitalize on MFA enablement gaps.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-50f94a1 elementor-widget elementor-widget-image\" data-id=\"50f94a1\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"300\" height=\"194\" src=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/mcrtp_M365-Apps-Image.webp?fit=300%2C194&amp;ssl=1\" class=\"attachment-medium size-medium wp-image-1441\" alt=\"\" srcset=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/mcrtp_M365-Apps-Image.webp?w=750&amp;ssl=1 750w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/mcrtp_M365-Apps-Image.webp?resize=300%2C194&amp;ssl=1 300w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-c24b652 elementor-widget elementor-widget-heading\" data-id=\"c24b652\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Attacking and defending Azure resources<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-65a7934 elementor-widget elementor-widget-text-editor\" data-id=\"65a7934\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>You&#8217;ll practice offensive tradecraft against Azure Container Apps, Web Apps, Function Apps, VMs, and databases. After exploiting an Azure Web App, we&#8217;ll use this to move laterally, and also explore defensive measures. The session includes demonstrations on attacking Function Apps, remotely executing commands on Azure VMs using Script Extensions, and exfiltrating data from Azure Cosmos DB.<\/p><p>The associated learning path for this session provides further hands-on experience in attacking Azure App Services, virtual machines and databases.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-eee9ac4 elementor-widget elementor-widget-image\" data-id=\"eee9ac4\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img decoding=\"async\" width=\"300\" height=\"300\" src=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/mcrtp_Microsoft.VisualStudio.Services.Icons_.png?fit=300%2C300&amp;ssl=1\" class=\"attachment-medium size-medium wp-image-1440\" alt=\"\" srcset=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/mcrtp_Microsoft.VisualStudio.Services.Icons_.png?w=600&amp;ssl=1 600w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/mcrtp_Microsoft.VisualStudio.Services.Icons_.png?resize=300%2C300&amp;ssl=1 300w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/mcrtp_Microsoft.VisualStudio.Services.Icons_.png?resize=150%2C150&amp;ssl=1 150w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-84ea15b elementor-widget elementor-widget-heading\" data-id=\"84ea15b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h3 class=\"elementor-heading-title elementor-size-default\">Purple and blue teaming in Azure<\/h3>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b96df17 elementor-widget elementor-widget-text-editor\" data-id=\"b96df17\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p>You&#8217;ll engage in purple teaming exercises using BloodHound and ROADrecon to identify attack paths in Azure environments. You&#8217;ll also explore Azure security tools for defenders, including Sentinel, Azure sign-in and activity logs, and ScubaGear. This final session features a fun capstone CTF that simulates a realistic scenario, followed by a Q&amp;A and guidance on preparing for the MCRTP exam.<\/p><p>The labs included in the learning path for this session reinforce familiarity with BloodHound, gaining situational awareness in Azure, and exploiting resources for lateral movement. They are also suitable for a CTF approach if you prefer to test your readiness for the exam.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-561df13 elementor-widget elementor-widget-image\" data-id=\"561df13\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"200\" src=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/mcrtp_roadrecon-e1725910209832.webp?fit=300%2C200&amp;ssl=1\" class=\"attachment-medium size-medium wp-image-1439\" alt=\"\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-da1b507 elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"da1b507\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-b5eae7e elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"b5eae7e\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-9b69289\" data-id=\"9b69289\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-d681bef elementor-widget elementor-widget-heading\" data-id=\"d681bef\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">The certification - Microsoft Cloud Red Team Professional (MCRTP)<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e687403 elementor-widget elementor-widget-image\" data-id=\"e687403\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t<figure class=\"wp-caption\">\n\t\t\t\t\t\t\t\t\t\t\t<a href=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/mcrtp_lopo_transparent.png?ssl=1\" data-elementor-open-lightbox=\"yes\" data-elementor-lightbox-title=\"mcrtp_lopo_transparent\" data-e-action-hash=\"#elementor-action%3Aaction%3Dlightbox%26settings%3DeyJpZCI6MTQ0NSwidXJsIjoiaHR0cHM6XC9cL3d3dy5qdXNzaW1ldHNvLmNvbVwvd3AtY29udGVudFwvdXBsb2Fkc1wvMjAyNFwvMDlcL21jcnRwX2xvcG9fdHJhbnNwYXJlbnQucG5nIn0%3D\">\n\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"232\" height=\"300\" src=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/mcrtp_lopo_transparent.png?fit=232%2C300&amp;ssl=1\" class=\"attachment-medium size-medium wp-image-1445\" alt=\"\" srcset=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/mcrtp_lopo_transparent.png?w=1115&amp;ssl=1 1115w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/mcrtp_lopo_transparent.png?resize=232%2C300&amp;ssl=1 232w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/mcrtp_lopo_transparent.png?resize=791%2C1024&amp;ssl=1 791w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/mcrtp_lopo_transparent.png?resize=768%2C995&amp;ssl=1 768w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/mcrtp_lopo_transparent.png?resize=300%2C389&amp;ssl=1 300w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/mcrtp_lopo_transparent.png?resize=850%2C1101&amp;ssl=1 850w\" sizes=\"(max-width: 232px) 100vw, 232px\" \/>\t\t\t\t\t\t\t\t<\/a>\n\t\t\t\t\t\t\t\t\t\t\t<figcaption class=\"widget-image-caption wp-caption-text\">Click to enlange<\/figcaption>\n\t\t\t\t\t\t\t\t\t\t<\/figure>\n\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-25b3055 elementor-widget elementor-widget-text-editor\" data-id=\"25b3055\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><strong>In <a href=\"https:\/\/bootcamps.pwnedlabs.io\/mcrtp-bootcamp-faq\" target=\"_blank\" rel=\"noopener\"><span style=\"text-decoration: underline;\">Microsoft Cloud Red Team Professional (MCRTP)<\/span><\/a> exam<\/strong>, you&#8217;ll have 24 hours to exploit a realistic scenario. You will be provided with an entry-point, and will need to complete an exploitation chain to get the flag.<\/p><p>On completion of the Microsoft Cloud Attack and Defense bootcamp and its accompanying learning path, you&#8217;ll be prepared to demonstrate your skills in the realistic exam lab. This fully hands-on, unproctored exam challenges you to apply your newfound expertise in the hunt for flags.<\/p><p>The exam environment is dynamic, with flags and scenarios changing periodically to ensure the credibility of the certification when applying for Azure security roles.<\/p><p>Environment for the exam is also provided by pwned labs so you don&#8217;t need to buy any other environment to try the exam.<\/p><p>In addition to your official <strong>MCRTP certificate<\/strong> you will also receive a <a href=\"https:\/\/info.credly.com\/\" target=\"_blank\" rel=\"noopener\"><span style=\"text-decoration: underline;\">Credly<\/span><\/a> digital certificate.<\/p><p>Good luck and may the force be with you.<\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-2cc6c1b elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"2cc6c1b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-2fea6a1 elementor-section-boxed elementor-section-height-default elementor-section-height-default\" data-id=\"2fea6a1\" data-element_type=\"section\" data-e-type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-3c68a05\" data-id=\"3c68a05\" data-element_type=\"column\" data-e-type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-2cf7353 elementor-widget elementor-widget-heading\" data-id=\"2cf7353\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">The host and the trainer<\/h2>\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d850213 elementor-widget elementor-widget-image\" data-id=\"d850213\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"image.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<img loading=\"lazy\" decoding=\"async\" width=\"300\" height=\"300\" src=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/mcrtp_ian.webp?fit=300%2C300&amp;ssl=1\" class=\"attachment-medium size-medium wp-image-1443\" alt=\"\" srcset=\"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/mcrtp_ian.webp?w=1082&amp;ssl=1 1082w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/mcrtp_ian.webp?resize=300%2C299&amp;ssl=1 300w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/mcrtp_ian.webp?resize=1024%2C1022&amp;ssl=1 1024w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/mcrtp_ian.webp?resize=150%2C150&amp;ssl=1 150w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/mcrtp_ian.webp?resize=768%2C767&amp;ssl=1 768w, https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/mcrtp_ian.webp?resize=850%2C848&amp;ssl=1 850w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/>\t\t\t\t\t\t\t\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-84c745b elementor-widget elementor-widget-text-editor\" data-id=\"84c745b\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t\t\t<p><a href=\"https:\/\/www.linkedin.com\/in\/i%D0%B0n-%D0%B0ustin\/\" target=\"_blank\" rel=\"noopener\"><span style=\"text-decoration: underline;\">Ian Austin<\/span><\/a> is a security researcher and educator with a career spanning over 20 years in technical, security and leadership roles for global enterprises.<\/p><p>Ian was Head of Content at <a href=\"https:\/\/www.hackthebox.com\/\" target=\"_blank\" rel=\"noopener\"><span style=\"text-decoration: underline;\">Hack The Box<\/span><\/a>, an online platform for cybersecurity training and assessment. He also participated in the Green Team of Locked Shields, a NATO cyber defense exercise, contributing to the design and execution of realistic scenarios.<\/p><p>He is the founder of Pwned Labs, providing gamified and immersive cloud security labs for red and blue teams.<\/p><p><strong>So if you want to participate the real bootcamp for Azure red &amp; blue team activities join <a href=\"https:\/\/bootcamps.pwnedlabs.io\/mcrtp-bootcamp\" target=\"_blank\" rel=\"noopener\"><span style=\"text-decoration: underline;\">here.<\/span><\/a>\u00a0<\/strong><\/p>\t\t\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-202576d elementor-widget-divider--view-line elementor-widget elementor-widget-divider\" data-id=\"202576d\" data-element_type=\"widget\" data-e-type=\"widget\" data-widget_type=\"divider.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<div class=\"elementor-divider\">\n\t\t\t<span class=\"elementor-divider-separator\">\n\t\t\t\t\t\t<\/span>\n\t\t<\/div>\n\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>A comprehensive 4-week bootcamp provides students with foundational concepts, essential security tools and techniques, and instruction in attacking and defending Azure and Microsoft 365 environments.<\/p>\n","protected":false},"author":1,"featured_media":1436,"comment_status":"open","ping_status":"open","sticky":false,"template":"elementor_theme","format":"standard","meta":{"advanced_seo_description":"","jetpack_seo_html_title":"","jetpack_seo_noindex":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2},"jetpack_post_was_ever_published":false},"categories":[7],"tags":[],"class_list":["post-1291","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.jussimetso.com\/wp-content\/uploads\/2024\/09\/pwnedlabs-logopng.png?fit=659%2C433&ssl=1","jetpack_shortlink":"https:\/\/wp.me\/pes24X-kP","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/www.jussimetso.com\/index.php\/wp-json\/wp\/v2\/posts\/1291","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.jussimetso.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.jussimetso.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.jussimetso.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.jussimetso.com\/index.php\/wp-json\/wp\/v2\/comments?post=1291"}],"version-history":[{"count":0,"href":"https:\/\/www.jussimetso.com\/index.php\/wp-json\/wp\/v2\/posts\/1291\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.jussimetso.com\/index.php\/wp-json\/wp\/v2\/media\/1436"}],"wp:attachment":[{"href":"https:\/\/www.jussimetso.com\/index.php\/wp-json\/wp\/v2\/media?parent=1291"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.jussimetso.com\/index.php\/wp-json\/wp\/v2\/categories?post=1291"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.jussimetso.com\/index.php\/wp-json\/wp\/v2\/tags?post=1291"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}