Jerrad ⚾™ (@j_dahl9) 's Twitter Profile
Jerrad ⚾™

@j_dahl9

• Believer 🙌🏻 • Husband🤵🏻‍♂️ • Sports Fanatic ⚾ • Crazy Cat Lover 🐈 • Psalm 23 ✞ • Minnesota sports for life

ID: 147637667

24-05-2010 17:12:38

3,3K Tweet

358 Followers

559 Following

Jerrad ⚾™ (@j_dahl9) 's Twitter Profile Photo

I have made my first ever Microsoft community post, and I want to thank Prajwal Desai for being such an incredible mentor and friend. Thank you for all you do for the Microsoft community, and I am so happy to be a part of your community and team. #community #microsoft #team

Josh Stroschein | The Cyber Yeti (@jstrosch) 's Twitter Profile Photo

🎙️ Latest episode of the podcast is now live! Pavel Yosifovich is here to talk Windows and how his authoring Windows Internals was a fluke... open.spotify.com/episode/2ylz9J…

Jerrad ⚾™ (@j_dahl9) 's Twitter Profile Photo

Nine Lives, Zero Trust is live. 🚀 I write about cloud security & the stuff that keeps defenders up at night. Three cats taught me nothing should be trusted, especially at 3 AM. nineliveszerotrust.com #CloudSecurity #InfoSec #ZeroTrust #DevSecOps

Jerrad ⚾™ (@j_dahl9) 's Twitter Profile Photo

A common Terraform misconception: sensitive redacts output, not state. sensitive=true only redacts output. Secrets still end up in state/plan files. 1.11’s write-only args fix this. Hands-on guide with AWS + Azure examples nineliveszerotrust.com/blog/terraform… #CloudSecurity #DevSecOps

Jerrad ⚾™ (@j_dahl9) 's Twitter Profile Photo

No keys to rotate. No secrets to leak. New post: Container supply chain security with GitHub Actions - vuln scanning, SBOM generation, keyless signing, and SLSA provenance. Stack: Trivy, Syft, Cosign + Sigstore. Blog + repo: nineliveszerotrust.com/blog/container… #DevSecOps #infosec

Jerrad ⚾™ (@j_dahl9) 's Twitter Profile Photo

Microsoft’s Sentinel MCP Server went GA. The attack surface is real. Sentinel logs contain attacker-influenced fields like email subjects, command lines, and user agents. When AI processes this data, prompt injection becomes possible. I put together a walkthrough covering

Jerrad ⚾™ (@j_dahl9) 's Twitter Profile Photo

New blog post: Building a serverless edge prompt filter for LLM security Catches injection attacks + PII at the edge before semantic analysis. One layer in defense-in-depth. nineliveszerotrust.com/blog/llm-promp… #AISecurity #AWS

Jerrad ⚾™ (@j_dahl9) 's Twitter Profile Photo

Azure PIM solves just-in-time access for humans. I wanted to bring that same pattern to non-human identities. PIM handles just-in-time access for humans. For non-human identities like AI coding agents, backup automation, and CI/CD pipelines, it breaks down. Service principals

Jerrad ⚾™ (@j_dahl9) 's Twitter Profile Photo

Microsoft is rolling out two Entra ID changes this spring that take effect automatically. Passkey profiles move to GA in March. Tenants that do not opt in will be auto-migrated starting in April (through late May for Worldwide, late June for GCC/GCC High/DoD). If attestation is

Jerrad ⚾™ (@j_dahl9) 's Twitter Profile Photo

OAuth redirect abuse in Entra ID is worth watching. New post with 4 Sentinel detections, hunting queries, and hardening steps: nineliveszerotrust.com/blog/oauth-red… #EntraID #OAuth #MicrosoftSentinel

Jerrad ⚾™ (@j_dahl9) 's Twitter Profile Photo

I deployed Microsoft Entra Prompt Shield and tested it against real jailbreak payloads on ChatGPT and Gemini. Adversarial prompts blocked at the network layer before reaching the model. nineliveszerotrust.com/blog/prompt-sh… #AISecurity #PromptInjection #ZeroTrust