I recently presented “Persisting Unseen: Attacker Methods of Infesting Entra ID” at RSAC’s virtual Cloud Security seminar. This session introduced some methods attackers may use now or in the near ...

This is a reflective end-of-year post on using AI to make our app wishes come true. Happy holidays! ❄️ Markets of one I came across Robin Sloan’s “An app can be a home-cooked meal” early this ...

The Azure Resource Graph Explorer is a great way to quickly understand your Azure netework exposure. Simple KQL queries let you review all your resources at once, free of charge! More complex joins...

This post documents the process to create and test a new attack technique for Stratus Red Team, a threat emulation tool built in Terraform and Go. Introduction I recently had the opportunity to co...

Quick notes on Terraform + Entra ID. On quickly building labs I recently needed a quick Entra ID test environment to better understand groups, role assignments, and administrative units. Several g...

Learning from Wiz’s EKS Cluster Games in AWS. Last November, the Wiz team released the EKS Cluster Games for practice attacking Amazon Elastic Kubernetes Service (EKS) environments. I had a blast ...

Creativity fuels us: End-of-year reflections. The Talk In October, I had 5 minutes to address the end-of-day crowd at BSides Toronto during a spontaneous Lightning Talks session. I love Lightning...

Learning from Wiz’s Big IAM Challenge in AWS. In the leadup to fwd:cloudsec last month, the Wiz team released The Big IAM Challenge. While I didn’t have time to work on this CTF ahead of the confe...

This post is a part of the “Career Fundamentals” series. How to become comfortable & confident with self-guided projects and learning. Why Learn Hands On? These days, it feels like there...

On burnout, balance, and choosing a focus. “What do you want?” The best coaching question I’ve ever received was at the moment I least expected it, four years ago. I was tired, overwhelmed with a...