Cover Photo by Kafka Anokhina on Unsplash

This is a personal blog and all content therein is my personal opinion and not that of my employer.

Introduction

In this post, I’m going to talk about an issue I spotted recently, to make you aware of an overly privileged built-in role in …

Cover Photo generated with AI - 19th November 2023 at 17:59 UTC by DALL-E 3 via Bing Chat

Introduction

In this post, I’m going to talk about a problem I recently experienced with permissions in GitHub, how I worked around them and what you need to know about OAuth permissions in GitHub. …

Introduction

I recently managed to pass the Google Cloud Certified: Professional Cloud Security Engineer exam.

In my last post, I talked about the learning journey - this post will cover what I did to prep for the exam after completing those courses and my experience of the exam itself.

Preparation …

Cover Photo by David East on Unsplash

Introduction

In this post, I’m going to talk about a concept you may have heard of (shadow admins), what they are, why they are a problem you need to care about, and what to do about them.

What is a shadow admin?

The name should be fairly self …

Cover Photo by National Cancer Institute on Unsplash

Introduction

In this post, I’m going to talk about becoming a Microsoft Security Researcher. I mentioned this in my last post. I sort of brushed over it but when I was speaking to one of my colleagues and friends about the post just …

Cover Photo by Joe Zlomek on Unsplash

In this post, I’m going to talk about something that I discovered whilst working on a project a little while ago, some default behaviour in the Microsoft Azure Linux VM Agent which can lead to credential/secret leakage in your linux VM.

What is the …