woodspeed

It is a great honor and I'm very happy to get the 2019 Jenkins Security MVP award! Thank you very much! Special thanks for Daniel Beck! #jenkins #JenkinsWorld @jenkinsci @devopsworldconf @kohsukekawa @CloudBees @NCCGroupInfosec @NCCsecurityUS @NCCGroupplc

🌩 Couldn’t make it to @cloudvillage_dc @defcon 33 Day 3? Now you can watch it all online! 🎥 The final day’s talks are live on our YouTube channel packed with insights, demos & stories from the cloud security community ☁️ 👉 Watch now: youtube.com/playlist?list=… #defcon33 #defcon #cloudvillage #infosec #cybersecurity #cloudsecurity

🎥 Missed the action at @cloudvillage_dc during @defcon ? We’ve got you covered! All Day 1 talks are now live on our YouTube channel 📺 Catch up on the insights, hacks, and cloud security deep dives you might’ve missed! 👉 Watch now: youtube.com/playlist?list=… #defcon33 #defcon #cloudvillage #infosec #cybersecurity #cloudsecurity

⚡ Day 2 of @cloudvillage_dc @defcon 33 is now LIVE on YouTube! From cutting-edge research to real-world cloud attacks & defences this is your chance to relive the energy of the village 🔥 📺 Watch all the Day 2 talks here → youtube.com/playlist?list=… #defcon33 #defcon #infosec #cybersecurity #cloudsecurity #defconbahrain

Shoutout to our amazing Day 2 speakers who brought serious energy and insights to Cloud Village Labs @defcon 33 ⚙️☁️ Catch their sessions below and show them some love 👇 @madhuakula @wucpi Shani Peled Ryan O'Donnell Gowthamaraj Rajendran @nevadaromsdahl @0xZDH @HawkEyeDev Muhammad Yuga Nugraha @kidtronnix Hanna Papirna Emma Fang @sethsec @4p0hk

🎤 On Stage at @cloudvillage_dc | @defcon @wucpi - Exploring The Possibilities of Azure Fabric Abuses Deep dive into hidden attack paths inside Azure Fabric services. #CloudVillage #HackerSummerCamp #DC33 #DEFCON

🎤 Up next in 15 minutes – 10:30 AM PDT at @cloudvillage_dc @defcon @wucpi - Exploring The Possibilities of Azure Fabric Abuses #CloudVillage #HackerSummerCamp #DC33 #DEFCON

🧠 Let’s talk Azure internals — and how to bend them to your will. Pumped to welcome @wucpi to Cloud Village @DEFCON 33! He’s presenting: “Exploring The Possibilities of Azure Fabric Abuses” 🔧 📍 Room 311, LVCC 🗓️ Aug 9 | 🕥 10:30–11:10 AM PT 🔗 cloud-village.org/dc33 #CloudVillage #DEFCON33 #HackerSummerCamp

I am happy to share that I got accepted to speak at @cloudvillage_dc at @defcon! #defcon #defcon33 #azure #azurefabric #cybersecurity #cloudsec

The Cloud Village @defcon 33 schedule is LIVE! ☁ Explore a stacked lineup of comprehensive talks, lightning talks, and tool demos; all focused on real-world cloud security. Line Up: #schedule" target="_blank" rel="nofollow noopener">cloud-village.org/dc33#schedule #CloudVillage #DC33 #DEFCON33 #HackerSummerCamp

New video: 1 hour of Conditional Access design deep dive. I always get asked to share Conditional Access templates, so I roped @NateHutch365 into the first of a few long forms on thinking about robust, scalable, and customizable CA architecture. Watch: youtube.com/watch?v=NSqfUZ…

📢ANNOUNCEMENT📢⏳2 months to go! BSidesBUD of @SecurityBSides brings top-tier cybersecurity minds to the stage—don’t miss out! 🔥 🎟 Early bird tickets are still up for grabs! Secure your spot! bsidesbud.com #BSidesBUD2025 #Cybersec #Infosec #securityBSides

@wucpi's talk on "Creating Azure Policy Compliant Backdoor" is now released on YouTube! youtu.be/gdMx3g62NkE Subscribe and stay tuned for more videos! Happy Hacking. #CloudSecurity #DefCon32

In Part 1 of my Intune Attack Paths series, I discuss the fundamental components and mechanics of Intune that lead to the emergence of attack paths: posts.specterops.io/intune-attack-…

I looked at all the AWS OIDC integrations I could find to identify how they might be misconfigured and to understand the variations that different vendors have in how they set these up. wiz.io/blog/avoiding-…

Time for a Friday read! 📖 Miss that #DefCamp vibe? Want to relive the best moments? We've got you covered with some epic highlights to take you right back. Dive in and enjoy 👉 def.camp/defcamp-2024-h…

One recent report highlighted that roughly a third of their customers have “at least one cloud workload that is publicly exposed, critically vulnerable and highly privileged.” If you’re this vendor, should I really buy your product? ramimac.me/state-of-cloud…

@DrAzureAD is showcasing token based authentication attacks, breaking down what to steal from the user's endpoint.

Day #2 at @DefCampRO, waiting for the first track #1 talk of the day to begin!

Backdooring #Azure policies by Viktor Gazdag at @DefCampRO

@CynicLib @DrAzureAD @DefCampRO Slides and vidoe will be uploaded later, but you can find the slides here as well: github.com/woodspeed/conf…

@DrAzureAD @DefCampRO I would love to see that. Any recording or slides available?