Safe Web Browsing for Copilots
Allowing a copilot to search the web at will is extremely dangerous. Here are two somewhat-understood vulnerabilities and how to mitigate them. Note: this is...
Recent Posts
Followup links for All You Need Is Guest RSAC 2024
Assorted links for All You Need Is Guest @ RSAC 2024:
Power Platform DLP Bypass via Copy-And-Paste
Last August I gave a talk at BlackHat USA titled All You Need Is Guest. In it, I showed how simple guest access to EntraID could be escalated into full contr...
All You Need Is Guest
This is a long overdue blog version of a talk I gave at BlackHat USA 2023 titled All You Need Is Guest. Slides and video recording are available as well.
The Challenges of AI Security Begin With Defining It Permalink
Security for AI is the Next Big Thing! Too bad no one knows what any of that really means.