At OVO Energy, we recently released a tool to prevent subdomain takeovers: Domain Protect, available at https://github.com/ovotech/domain-protect.
​

I've published a blog post where I go through the basics of domain takeover, talk about how the requirement arose at OVO, and describe the tool’s features, findings, and planned next steps.
​
And you’ll see how we saved many thousands of US Dollars in fees to Bug Bounty researchers.

Microsoft recently released the MS-500 exam - Microsoft 365 Certified Security Administrator. I decided to study for this, as I'm working for an organisation in a role where I'm responsible for Microsoft 365 security, and I wanted to improve my knowledge and understanding of the subject.

I had never previously studied for any Microsoft 365 certifications. I was fortunate to already have a good knowledge of Azure AD thanks to the on-line course I developed for AZ-500, Azure Security Technologies. However, Azure AD is only one part of the syllabus for MS-500, so I needed additional training material.

Click the read more link below to see how I studied for the exam.

Paul Schwarzenberger's talk "Centralizing identity across AWS, Azure and GCP" at fwd:cloudsec 2020 is now online. fwd:cloudsec is a new community driven, not for profit, independent conference focusing on cloud security.

The conference was streamed live on 29 June, with 15 excellent talks on a range of cloud security topics across AWS, Azure and GCP.

I'm looking forward to presenting "Centralizing identity across AWS, Azure and GCP" at fwd:cloudsec, a new, community organised, not-for-profit conference on cloud security. The event takes place on 29 June 2020 and is free to attend online.

To see the abstract for the talk, please click on the "Read More" link below.

I'm delighted to announce that my A Cloud Guru on-line certification course AZ-500 Azure Security Technologies has had over 1,000 students since its launch around 2 months ago.

Many thanks to all at A Cloud Guru, and most of all, a special appreciation to all 1,000 of you!

My online course AZ-500 Azure Security Technologies is now on A Cloud Guru.

The course will help students to take and pass the AZ-500 exam, the requirement to become a Microsoft certified Azure engineer. 

To find out more, watch my course introduction video at A Cloud Guru!

Earlier this year Microsoft released their first ever Azure security certification and exam, covering all the important aspects of Azure security from identity and access management, to data and app security, platform protection and managing security operations.

​I'm launching my independently developed AZ-500 Azure Security Technologies course - with a mix of hands-on labs, presentations, demos, quizzes and practice exam questions. The course is now available for booking 2 - 5 December 2019 in London with 44CON.

My talk at BSides London "AWS vs Azure Security" is now online:

As I mention in the last slide, if you're interested in learning more about AWS, Azure and GCP security, I'll be delivering Cloud Security and DevSecops training at 44CON from 9 - 11 September.