The are many resources out there that tap into the subject of Kubernetes Pentesting or Configuration Review, however, they usually detail specific topics and misconfigurations and don’t offer a broad perspective on how to do a complete Security Review. That is why in this article I want to cover a more complete overview on all […]
Even though Microsoft Azure is the second largest cloud solution after Amazon Web Services (AWS) from a market share perspective, it should be noted that approximately 95% of Forbes 500 companies use Azure. This does not mean that these companies use only Azure, or that Azure is the main cloud solution used by them, many […]
Over the years I’ve seen a lot of misconfigurations or a lack of configurations when it comes to protecting Windows credentials, hashes or Kerberos tickets. The main difficulty here comes from the fact that the Windows domain is complex and the multitude of features that it offers come with many security implications, especially when there […]