Our new colleague and Principal Security Architect, Cody Burkard, has researched how TCP tunneling in Azure Bastion can be abused. o3c.no/knowledge/abus…

We are very happy to announce our first-ever community event at Deichman Bjørvika (Oslo) now in February! ⭐ If you are interested in Cloud Security, this one is definitely for you! o3c.no/knowledge/clou…

Today we are publishing the first blog in a series by our new colleague, Håkon Nikolai Stange Sørum. The blog is about how we believe a successful application and software security initiative should be built. o3c.no/knowledge/star…

Yesterday, we hosted our very first community event. Over 100 people joined us in Deichman Bjørvika to engage with us and the rest of the Norwegian Cloud Security community. On stage: Karim El-Melhaoui, Cody Burkard, Håkon Nikolai Stange Sørum, @ooestbye, Kent Husvik

Proud sponsor of HackCon

At CSA Norway meetup, Cody Burkard presenting #Azure Policy as Code

Flere nye podcast episoder ute nå! 🎙️ Den siste handler om Appsec hvor @ooestbye og Håkon Nikolai Stange Sørum snakker med Johan fra Bouvet om Appsec 👨‍💻 Enjoy! o3c.no/knowledge

Just finished lecturing a two-day cloud security training focused on Azure for the NorthSec conference. It's been an absolute joy to host the class. I will continue to develop the course content and share an update when it's finalized and open around September.

To my surprise, I've been awarded the Microsoft MVP award. Thankful for the award and for the years I've spent learning from the AWS community that I've been able to apply towards Azure, to Oddvar Moe for being a role model, and to my colleagues for our innovative culture

On our way to fwd:cloudsec cc O3 CYBER

This is a very misleading article title from BleepingComputer: bleepingcomputer.com/news/security/… tldr; no this wasnt another "cloud vulnerability", and there was no Azure AD auth flaw. It was, however, a neat technique I will keep an eye out for in my pentests. 🧵🧵 below to explain

Gave a comment to The Wall Street Journal in relation to the recent event where Microsoft was compromised. In the public domain, this is the first known event where one of the major Public Cloud Service Providers has had a breach resulting in compromised customer data. wsj.com/articles/micro…

Azure AD Role Monitor (github.com/O3-Cyber/Azure…) detected an interesting new change to the Hybrid Identity Administrator role in Entra ID. The role was quietly updated to include the following privileged action: microsoft.directory/servicePrincip… 🧵

I recently shared how the microsoft(.)directory/servicePrincipals/appRoleAssignedTo/update action was quietly added to the Entra ID Hybrid Identitity Role. But why is this action sensitive, and how can it be abused? Read more in the linked blog post. o3c.no/knowledge/abus…

Some commentary on the new information released by Microsoft about Storm-0558. Keep in mind that security controls can fail - defense in depth is key for preventing events such as this one. o3c.no/knowledge/stor…

It's been defining for O3 CYBER to have the privilege of working with Storebrand. Incredible company with talented people! o3c.no/knowledge/stor…

We’re excited to announce the European version of the conference: fwd:cloudsec Europe! It will take place on the 17th of September 2024 in Brussels, Belgium. CFP and registration will open in Spring, stay tuned!

I'm thrilled to announce that we're bringing the fwd:cloudsec experience to Europe. We can only achieve this with the help of our community. I hope to see some of you there! Thanks to everyone who has made this possible.

Shared some thoughts on Building Secure Landing Zones Implementing landing zones is more than just deploying the accelerator; it's a message I've been trying to communicate to tech leaders lately. blog.karims.cloud/2024/03/12/bui…

I'll be in Oslo on Sep 12 for O3 CYBER's Cloud Security Day. There's a great line-up of talks and I'm excited to meet the folks there! o3c.no/knowledge/clou…