Cover Photo by Kafka Anokhina on Unsplash This is a personal blog and all content therein is my personal opinion and not that of my employer. Introduction In this post, I’m going to talk about an issue I spotted recently, to make you aware of an overly privileged built-in role in Microsoft …

Cover Photo generated with AI - 19th November 2023 at 17:59 UTC by DALL-E 3 via Bing Chat Introduction In this post, I’m going to talk about a problem I recently experienced with permissions in GitHub, how I worked around them and what you need to know about OAuth permissions in GitHub. What …

Introduction I recently managed to pass the Google Cloud Certified: Professional Cloud Security Engineer exam. In my last post, I talked about the learning journey - this post will cover what I did to prep for the exam after completing those courses and my experience of the exam itself. Preparation …

Cover Photo by David East on Unsplash Introduction In this post, I’m going to talk about a concept you may have heard of (shadow admins), what they are, why they are a problem you need to care about, and what to do about them. What is a shadow admin? The name should be fairly self explanatory …

Cover Photo by National Cancer Institute on Unsplash Introduction In this post, I’m going to talk about becoming a Microsoft Security Researcher. I mentioned this in my last post. I sort of brushed over it but when I was speaking to one of my colleagues and friends about the post just before I …

Cover Photo by Joe Zlomek on Unsplash In this post, I’m going to talk about something that I discovered whilst working on a project a little while ago, some default behaviour in the Microsoft Azure Linux VM Agent which can lead to credential/secret leakage in your linux VM. What is the Azure …