Technical Writing
Tech Blog
Cloud security, identity, infrastructure, and research. Deep dives, tools, and practical guidance.
OID-See: Giving Your OAuth Apps the Side-Eye
OID-See or BloodHound for OAuth in Entra: mapping consent, scopes, assignments, and trust signals into a graph so you can spot impersonation risk and OAuth sprawl.
Silent Drip: When Sync Becomes a Slow Leak
An investigation into plaintext persistence and invisible data propagation through Microsoft Edge Drop.
The Unseen Variable: Identity, Agentic AI and the Path of Least Resistance
Every few years the industry rediscovers a truth that has always been hiding in plain sight. We rename it, formalise it, and publish new …
GCP Professional Cloud Security Engineer: 2025 Study Resources Update
Updated resources, exam lessons, and study guidance for the GCP Professional Cloud Security Engineer certification in 2025.
SPADE: Side-channel Platform Abuse and Data Exfiltration
SPADE describes how adversaries can abuse trusted SaaS-hosted runtimes like Google Colab to exfiltrate data and evade CASB, EDR, and proxy controls - bypassing enterprise defenses via unexpected channels.
Announcing ISDF – Intune Stateful Device Fingerprinting
Earlier this year, I published OuttaTune – a deep dive into how Conditional Access (CA) depends on device-sourced metadata and the risks of trusting values that endpoints themselves can assert. While the community …