APM

Thomas Byrne
6 Aug 2025

Breaking Down Azure DevOps: Techniques for Extracting Pipeline Credentials

Workload Identity Federation - is it all it makes out to be? Does it *really* prevent attackers from extracting credentials from pipeline identities that use modern authentication technique?

Tom Taylor-MacLean
30 Jul 2025

Elevating Attack Path Mapping to the Clouds

An introduction to Reversec's Cloud Attack Path Mapping (APM) service, looking at where it originated from, why it works and how it compares to other styles of testing. After looking at the current state of testing, consideration is given to how effective our future-looking service can be for both cloud-native and hybrid environments. Examples are given of previous success stories where interesting, and sometimes unusual, results have occurred!