Presentation Material

AI Generated Summary^{may contain errors}

Here is a summarized version of the content:

Identity and Purpose

The speaker demonstrates how to extract sensitive information from two folders, Idenentities (Sammy and Uami) containing system-assigned manager entity and user-assigned manager identities. This allows fetching of storage account keys and Azure tokens outside of the compute instance.

Malicious Activity vs Legitimate Activity

The speaker compares logs between legitimate and malicious activities, , showing that the logs are almost identical, AML workspace information can be fetched using a JWT token obtained from the system-assigned manager identity outside of the Azure boundary. The certificates used are valid for two years, requiring compute instance deletion to invalidate.

Takeaways

1. Enable cloud service logging and implement least privilege scoping for identities.
2. Defense in depth is crucial for cloud environments.
3. Threat modeling can help uncover design issues.
4. Set up environments using best practices, including private links and endpoints.
5. Monitor cloud environments for changes and perform regular security checks.

Machine Learning Environments

1. The integrity of artifacts (e.g., Jupiter notebooks) is critical in machine learning environments.
2. Use custom roles and policies to avoid overprivileging.
3. Leverage frameworks like Azure Threat Research Matrix and Storage Matrix.
4. Implement the Atlas framework for adversarial threat landscape in AI systems.

Conclusion

The speaker emphasizes the importance of securing cloud services, especially in machine learning environments, where threats can have significant consequences. By following best practices and implementing defense in depth, organizations can reduce the risk of exploitation.