I had an idea for a PII anonymization service, with the intention of maintaining integrity with the data it’s anonymized. The original context was for anonymizing Microsoft Sentinel database dumps...

Summary This blog post explores three AI guardrail products, and how to integrate them with the Strands Agents SDK. I opened a pull request into the Strands Agents Samples repo two months ago, and ...

Summary Modern Microsoft Azure hypervisors support nested virtualization; meaning you can run virtual machines within virtual machines. With a bit of magic, you can create an effective “Virtual ESX...

Unlocking Next-Gen Kubernetes Security with eBPF tooling and Microsoft Sentinel This post explores the setup and configuration of Cilium and Tetragon in Azure Kubernetes Service and integrating &am...

Google Cloud - Managing Google’s Unverified Authentication Library In Google Cloud, Application Default Credentials (ADC) allows your code/applications to automatically find and use credentials. F...

TL;DR Observable systems can support a security function but are distinctly different. Buzzword cloud “observability” tooling typically only covers either VMs or Linux-based systems such as Ku...

Preamble I keep hearing the term observability thrown around a lot, often used in the wrong context. Working in Cybersecurity, I think people often confuse the idea of observability with blue team...

Cloud technologies move fast, none more so than AWS EKS. I’m not in the business of managing clusters full-time - even via managed services like EKS. I recently revisited the technology and found i...

I recently stumbled across this article from October 2023, which demonstrates an idea of using AWS’s Bottlerocket in your EKS cluster with images already pulled to an EBS snapshot, which is added t...

This post is a writeup of an interesting quirk that I found when playing around with Microsoft Azure Virtual Machines and joining AzureAD domains. I raised the findings with Microsoft Security Res...