🧬 1. Copilot Agent Architecture: Internal Design Archetype of a Copilot Agent in Microsoft Copilot Studio: Agent: ID: uuid Permissions: [Graph.Read, SharePoint.ReadWrite, CustomAPI.SendEmail] State: Memory: long-term vector embeddings (Azure AI Search) Session Context: transient (JSON graph) Plugins: – Planner – Orchestrator – GraphExecutor LLM Endpoint: Azure OpenAI (GPT-4o) Storage: Cosmos DB / Azure Table 🗉…
Tag: devsecops
🧨 SUDO, YOU HAD ONE JOB!
Hi, now any user can get root — and Microsoft told you this would happen “Don’t run as root!” — they shouted.“Use sudo, it’s secure!” — they said.Well guess what?Even a user not in sudoers can now gain full root access. All thanks to sudo‘s cozy little bug involving chroot, nsswitch.conf, and your complacency. 🧬…
Azure WAF vs Entra External ID: When Your Firewall Starts Shooting the Good Guys
Hi there, you’ve got a slick identity federation flow with Microsoft Entra External ID.User hits login.yourbrand.com, gets redirected to Entra, auths like a champ, and…BOOM — 403 Forbidden. Why?Because your Azure Web Application Firewall (WAF) is having a mental breakdown over a legit id_token.Yeah — your security layer just called your login system a malicious…
What is Azure Firewall?
Hi there, So, picture this. you’re in the cloud. services buzzing. users everywhere. data flowing like it owns the place. it’s chaos. fun chaos. but chaos nonetheless. and in the middle of it, your firewall. no, the firewall. Azure Firewall. this thing isn’t some dusty rule-checker. it’s a fully managed, intelligent, cloud-native security brain. yeah,…