David O'Brien
@daveobrien.bsky.social
Sick of writing cloud assessment reports? ARGOS writes them for you.
Founder of ARGOS Cloud Security.
Former Microsoft Azure MVP (10 years), private pilot, dad.
Founder of ARGOS Cloud Security.
Former Microsoft Azure MVP (10 years), private pilot, dad.
Want to learn more about our new "Entra ID to Azure paths"? argos-security.io
Automated Cloud Assessments for Consultants
Full cloud inventory & detections in minutes, mapped to common compliance frameworks. Attack Surface mapping and attack path analysis. Cherry on top: ARGOS writes the report for you.
argos-security.io
May 19, 2025 at 9:38 AM
Want to learn more about our new "Entra ID to Azure paths"? argos-security.io
Kind of makes sense that there's focus on those products (not defending some of their pretty basic problems).
The fact that they often have wide access (network and/or permissions) on most systems in an environment makes them a great target.
The fact that they often have wide access (network and/or permissions) on most systems in an environment makes them a great target.
April 27, 2025 at 8:05 PM
Kind of makes sense that there's focus on those products (not defending some of their pretty basic problems).
The fact that they often have wide access (network and/or permissions) on most systems in an environment makes them a great target.
The fact that they often have wide access (network and/or permissions) on most systems in an environment makes them a great target.
While architecturally, this is almost as desired, the point here is, the web service is unprotected (no API Gateway, no WAF, etc) and people often don't understand what paths they open up in an environment via managed identities.
April 16, 2025 at 10:30 AM
While architecturally, this is almost as desired, the point here is, the web service is unprotected (no API Gateway, no WAF, etc) and people often don't understand what paths they open up in an environment via managed identities.