Security Conferences Keep Us Honest Permalink
Conferences are where vendors and security researchers meet face to face to address problems and discuss solutions — despite the risks associated with public...
Recent Posts
My intense 2am conversation with MSRC a week before BlackHat
Research as usual
M365 guest accounts + Power Apps = security nightmare Permalink
A login, a PA trial license, and some good old hacking are all that’s needed to nab SQL databases
Rogue Azure AD Guests Can Steal Data via Power Apps Permalink
A few default guest setting manipulations in Azure AD and over-promiscuous low-code app developer connections can upend data protections.
Remediation Ballet Is a Pas de Deux of Patch and Performance Permalink
AI-generated code promises quicker fixes for vulnerabilities, but ultimately developers and security teams must balance competing interests.