This is a personal blog and all content herein is my own opinion and not that of my employer. OID-See v1.1.0 is out v1.0.1 tightened the scoring. v1.1.0 expands what OID-See can actually see. This is the biggest release since the initial drop: a new external identity posture surface, a fully …

Hero image generated by ChatGPT This is a personal blog. All opinions are my own and not those of my employer. We Are Not Exploring New Territory After publishing Capability ≠ Obligation, I had a conversation that lingered far longer than I expected. It wasn’t with a policymaker, a …

Hero image generated by ChatGPT This is a personal blog. All opinions are my own and not those of my employer. Capability ≠ Obligation There is a phrase I keep coming back to as I watch the current wave of agentic systems spill out of demo videos and into the real world: Capability ≠ Obligation …

Hero image generated by ChatGPT This is a personal blog. All opinions are my own and not those of my employer. From Clawdbot to GAINet: When Agent Experiments Outrun Accountability This post didn’t start as a philosophical musing about AI. It started with a very practical, very familiar security …

OID-See v1.0.1 is out 🎉 This is a precision release. No shiny new dashboards. No dramatic architectural upheaval. Just tighter logic, fewer false positives, and a scoring model that better reflects how Entra actually behaves in the real world. If you’re already using OID-See, this release should …

OID-See is a security analysis tool for Microsoft Entra ID (Azure Active Directory) that maps OAuth application consent, permissions, service principal assignments, and trust signals into a queryable graph — giving defenders a BloodHound-style view of OAuth sprawl and impersonation risk. What it …