This is a personal blog and all content herein is my own opinion and not that of my employer. OID-See v1.1.0 is out v1.0.1 tightened the scoring. v1.1.0 expands what OID-See can actually see. This is the biggest release since the initial drop: a new external identity posture surface, a fully …

OID-See v1.0.1 is out 🎉 This is a precision release. No shiny new dashboards. No dramatic architectural upheaval. Just tighter logic, fewer false positives, and a scoring model that better reflects how Entra actually behaves in the real world. If you’re already using OID-See, this release should …

OID-See is a security analysis tool for Microsoft Entra ID (Azure Active Directory) that maps OAuth application consent, permissions, service principal assignments, and trust signals into a queryable graph — giving defenders a BloodHound-style view of OAuth sprawl and impersonation risk. What it …

Hero image generated by ChatGPT This is a personal blog and all content herein is my own opinion and not that of my employer. Correction When I initially done this work and posted this blog, my mental model was that lack of ownership was a bad thing. My failing was in seeing ownership as metadata …

Images in this post generated by Microsoft Copilot This is a personal blog and all content therein is my personal opinion and not that of my employer. Introduction In this post, I’m going to talk about an issue I spotted recently in Power Platform and by extension Copilot Studio. The Issue I …

Cover Photo by Kafka Anokhina on Unsplash This is a personal blog and all content therein is my personal opinion and not that of my employer. Introduction In this post, I’m going to talk about an issue I spotted recently, to make you aware of an overly privileged built-in role in Microsoft …