Technical Writing
Tech Blog
Cloud security, identity, infrastructure, and research. Deep dives, tools, and practical guidance.
Turn On, Tune In, Cop Out: The sorta, not-really, fix for OuttaTune from Microsoft
Highlighting Microsoft’s documentation and UX tweaks--and the remaining unfixed vulnerability
Secure Google Cloud Authentication in Python: Avoiding CI/CD Pitfalls with Service Accounts
Learn how to avoid common anti-patterns when authenticating to Google Cloud using service accounts in Python--especially in CI/CD pipelines like Azure DevOps. This post walks through better practices for secure, reusable credential handling, complete with code examples.
Security Amnesia: When Habit Becomes a Vulnerability
How action slips and repetitive workflows create security risks -- and why it's time to design for the human brain, not against it.
Security Amnesia: Why Episodic Memory and the Doorway Effect Make Zero Trust Hard
Why users struggle with Zero Trust and other security principles, explained through the lens of episodic memory, the doorway effect, and cognitive psychology.
OuttaTune: Bypassing Conditional Access in Microsoft Intune
Exposing how Microsoft Intune's device filtering can be trivially bypassed to evade Conditional Access controls.
InsomniHack & Entra Hybrid - Attack & Defence Mind Map : It's easier to attack than you think
Entra and Entra Hybrid has a huge attack surface and you're likely not even remotely aware of how easy it is to attack undetected.