Skip to content
View goldjg's full-sized avatar
17 followers · 20 following

Achievements

Achievement: Pair Extraordinairex3Achievement: Pull Sharkx2Achievement: YOLOAchievement: StarstruckAchievement: Public SponsorAchievement: QuickdrawAchievement: Arctic Code Vault Contributor

Achievements

Achievement: Pair Extraordinairex3Achievement: Pull Sharkx2Achievement: YOLOAchievement: StarstruckAchievement: Public SponsorAchievement: QuickdrawAchievement: Arctic Code Vault Contributor

Highlights

  • Pro

Organizations

@dusk-li @Az-Skywalker @UndREST-Labs @KuShuSec @OID-See

Block or report goldjg

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
goldjg/README.md

👋 Hi, I’m Graham Gold

I’m a Senior Cloud Security Engineer, security researcher, Microsoft MVP in Security: Identity & Access, and long-time infrastructure engineer with a habit of pulling on weird threads until they become blog posts, tools, or threat models.

I work across cloud security, identity, Conditional Access, Microsoft Entra ID, Intune, Azure, Google Cloud, and the messy edges where platforms, assumptions, and attackers meet.

🔍 What I’m interested in

I’m especially interested in:

  • Cloud and identity security
  • Microsoft Entra ID, Conditional Access, and Intune abuse paths
  • Secure-by-design cloud architecture
  • Detection engineering and threat hunting
  • SaaS and platform abuse research
  • Agentic software development and AI-assisted engineering governance
  • Turning hard-won lessons into reusable tools, models, and write-ups

🛠️ Things I build and write about

I publish research, technical notes, and occasional security-shaped chaos at:

https://cirriustech.co.uk

Some of my work explores topics like cloud identity anti-patterns, Conditional Access design, Intune abuse, SaaS-hosted exfiltration, AI-assisted development workflows, and practical ways to make security controls less imaginary.

I also build tooling and experiments around these ideas, including projects related to cloud security research, AI-assisted development governance, and security operations.

🌱 Current areas of focus

Right now I’m spending time on:

  • Microsoft Entra ID and Conditional Access attack/defence models
  • Intune and device-trust research
  • AI-assisted development lifecycle governance
  • Cloud identity misconfigurations and abuse patterns
  • Practical security automation that survives contact with production

🤝 Collaboration

I’m always interested in thoughtful collaboration around cloud security, identity, detection, research, and tooling - especially where there’s a weird edge case, a dangerous assumption, or a control that works beautifully in a diagram and less beautifully in prod.

📫 Contact

Assumptions have teeth. Identity is infrastructure. “Works in prod” is both a status and a threat model.

Popular repositories Loading

  1. cARL cARL Public

    Go 11 1

  2. TheAudreyProject TheAudreyProject Public

    6 1

  3. cirrius_tech_code_snippets cirrius_tech_code_snippets Public

    PowerShell 1

  4. PowerElevate PowerElevate Public

    PowerShell 1

  5. Cirriustech-umami Cirriustech-umami Public

    Forked from umami-software/umami

    Umami is a modern, privacy-focused analytics platform. An open-source alternative to Google Analytics, Mixpanel and Amplitude.

    TypeScript 1

  6. contrails contrails Public

    TypeScript 1