Technical Writing

Tech Blog

Cloud security, identity, infrastructure, and research. Deep dives, tools, and practical guidance.

Security Amnesia: When Habit Becomes a Vulnerability
17 Jun 2025 · 4 min read · human-factors · cybersecurity

Security Amnesia: When Habit Becomes a Vulnerability

How action slips and repetitive workflows create security risks -- and why it's time to design for the human brain, not against it.

 Security Amnesia: Why Episodic Memory and the Doorway Effect Make Zero Trust Hard
10 Jun 2025 · 4 min read · zero-trust · cognitive-science

Security Amnesia: Why Episodic Memory and the Doorway Effect Make Zero Trust Hard

Why users struggle with Zero Trust and other security principles, explained through the lens of episodic memory, the doorway effect, and cognitive psychology.

 OuttaTune: Bypassing Conditional Access in Microsoft Intune
28 Apr 2025 · 12 min read · microsoft · intune

OuttaTune: Bypassing Conditional Access in Microsoft Intune

Exposing how Microsoft Intune's device filtering can be trivially bypassed to evade Conditional Access controls.

 InsomniHack & Entra Hybrid - Attack & Defence Mind Map : It's easier to attack than you think
14 Apr 2025 · 6 min read · identity · conditional-access

InsomniHack & Entra Hybrid - Attack & Defence Mind Map : It's easier to attack than you think

Entra and Entra Hybrid has a huge attack surface and you're likely not even remotely aware of how easy it is to attack undetected.

 SilentReaper: Undetectable Azure Control Plane Data Harvest
26 Feb 2025 · 18 min read · microsoft · azure

SilentReaper: Undetectable Azure Control Plane Data Harvest

Exposing how control plane exploits in Microsoft’s iPaaS services enable silent data harvesting from workflows and secrets.

 VaultRecon: An Azure Control Plane/Data Plane Isolation Flaw
26 Feb 2025 · 20 min read · microsoft · azure

VaultRecon: An Azure Control Plane/Data Plane Isolation Flaw

How Microsoft's Isolation of Control Plane and Data Plane for Key Vault is flawed