Coursera Flash Sale
40% Off Coursera Plus for 3 Months!
Grab it
Explore the security vulnerabilities and attack vectors present in Azure Logic Apps through this 31-minute conference talk from NorthSec 2025. Examine how attackers can exploit misconfigurations in this powerful workflow automation tool to compromise cloud environments, including exposure of sensitive data through improperly secured Logic Apps, execution of malicious inline C# code, privilege escalation within storage accounts, and API connection hijacking. Learn about techniques for cloud-to-on-premises lateral movement and discover the often-overlooked risks of custom authorization logic with real-world examples of bypassed authentication mechanisms leading to unauthorized access and data breaches. Investigate broader security implications including overly permissive role-based access control (RBAC), insecure service principals, and unprotected external system connections that enable privilege escalation and lateral movement across cloud and on-premises environments. Analyze real-world exploitation scenarios and dissect critical workflow vulnerabilities while understanding effective countermeasures to strengthen Logic App security implementations and ensure resilient cloud operations.
