Compass Security Blog - Offensive Defense

Tabletop Simulations: Where Theory Meets Reality

On paper, the vast majority of crisis plans look reasonable, actionable and complete. Once the rubber hits the road, however, chaos emerges quickly.

Read more

Common Entra ID Security Assessment Findings – Part 4: Weak Conditional Access Policies

This post is part of a small blog series covering common Entra ID security findings observed during real-world assessments. Each article explores…

Read more

Common Entra ID Security Assessment Findings – Part 3: Weak Privileged Identity Management Configuration

This post is part of a small blog series covering common Entra ID security findings observed during real-world assessments. Each article explores…

Read more

Common Entra ID Security Assessment Findings – Part 2: Privileged Unprotected Groups

In part 2 of our 4-part series on common Entra ID security findings, we show how seemingly harmless group configurations can be abused to bypass…

Read more

Common Entra ID Security Assessment Findings – Part 1: Foreign Enterprise Applications With Privileged API Permissions

This post is part of a small blog series covering common Entra ID security findings observed during real-world assessments. Each article explores…

Read more