Technical Writing
Tech Blog
Cloud security, identity, infrastructure, and research. Deep dives, tools, and practical guidance.
Announcing ISDF – Intune Stateful Device Fingerprinting
Earlier this year, I published OuttaTune – a deep dive into how Conditional Access (CA) depends on device-sourced metadata and the risks of trusting values that endpoints themselves can assert. While the community …
Turn On, Tune In, Cop Out: The sorta, not-really, fix for OuttaTune from Microsoft
Highlighting Microsoft’s documentation and UX tweaks--and the remaining unfixed vulnerability
Secure Google Cloud Authentication in Python: Avoiding CI/CD Pitfalls with Service Accounts
Learn how to avoid common anti-patterns when authenticating to Google Cloud using service accounts in Python--especially in CI/CD pipelines like Azure DevOps. This post walks through better practices for secure, reusable credential handling, complete with code examples.
Security Amnesia: When Habit Becomes a Vulnerability
How action slips and repetitive workflows create security risks -- and why it's time to design for the human brain, not against it.
Security Amnesia: Why Episodic Memory and the Doorway Effect Make Zero Trust Hard
Why users struggle with Zero Trust and other security principles, explained through the lens of episodic memory, the doorway effect, and cognitive psychology.
OuttaTune: Bypassing Conditional Access in Microsoft Intune
Exposing how Microsoft Intune's device filtering can be trivially bypassed to evade Conditional Access controls.