Endpoint-Security

Announcing ISDF – Intune Stateful Device Fingerprinting
Announcing ISDF – Intune …

Hero image generated by ChatGPT

This is a personal blog. All opinions are my own - not my employer’s.

Earlier this year, I published OuttaTune – a deep dive into how Conditional Access (CA) depends on device-sourced metadata and the risks of trusting values that endpoints themselves can …

September 4, 2025 Read
ISDF — Intune Stateful Device Fingerprinting
ISDF — Intune Stateful …

ISDF (Intune Stateful Device Fingerprinting) is an open-source project that closes a specific blindspot in Conditional Access: the fact that device-reported attributes can be locally manipulated.

The problem it solves

Conditional Access is only as strong as the signals it consumes. If a device can …

September 4, 2025 Read
Turn On, Tune In, Cop Out: The sorta, not-really, fix for OuttaTune from Microsoft
Turn On, Tune In, Cop …

Hero image generated by ChatGPT

This is a personal blog. All opinions are my own - not my employer’s.

Introduction

This is a follow-up to my original post detailing a security flaw in Microsoft Intune’s Conditional Access (CA) filtering that allows local admin attackers to bypass CA policies by …

August 4, 2025 Read
OuttaTune: Bypassing Conditional Access in Microsoft Intune
OuttaTune: Bypassing …

Hero Image generated by ChatGPT

This is a personal blog and all content therein is my personal opinion and not that of my employer.

Introduction

This post details a security weakness in Microsoft Intune’s Conditional Access (CA) filtering, which allows attackers with local admin privileges to …

April 28, 2025 Read