Hero image generated by ChatGPT This is a personal blog. All opinions are my own - not my employer’s. Earlier this year, I published OuttaTune – a deep dive into how Conditional Access (CA) depends on device-sourced metadata and the risks of trusting values that endpoints themselves can …

ISDF (Intune Stateful Device Fingerprinting) is an open-source project that closes a specific blindspot in Conditional Access: the fact that device-reported attributes can be locally manipulated. The problem it solves Conditional Access is only as strong as the signals it consumes. If a device can …

Hero image generated by ChatGPT This is a personal blog. All opinions are my own - not my employer’s. Introduction This is a follow-up to my original post detailing a security flaw in Microsoft Intune’s Conditional Access (CA) filtering that allows local admin attackers to bypass CA policies by …

Hero Image generated by ChatGPT This is a personal blog and all content therein is my personal opinion and not that of my employer. Introduction This post details a security weakness in Microsoft Intune’s Conditional Access (CA) filtering, which allows attackers with local admin privileges to …