Daniel Davidson

@tacky1@defcon.social
1 Followers
41 Following
55 Posts
Infrastructure security champion. Zero trust evangelist. Threat modelling leader.
🇨🇦

https://tailscale.com/blog/how-nat-traversal-works

A delightful and thorough explanation of NAT traversal.

/ht @Cirio

How NAT traversal works

Learn how NAT traversal works, how Tailscale can get through and securely connect your devices directly to each other.

“The entire enterprise private network is not considered an implicit trust zone.”

If your VPN rules include “from trust to trust”, it’s not #ZeroTrust.

I had my first #freelance client call yesterday. A solid first performance… except for the part where I referred to the NIST Cybersecurity Framework as the NIST Cloud something something. Fortunately, the client wasn’t fussed about it. 😅

#NetSec

Funniest thing I heard today that’s actually a good idea: “this document should be pinned to every channel in Slack and considered required reading”, when I shared a link to our Data Taxonomy Management System (DTMS).
@paulsanders I’m installing Claude Code right now to hopefully accelerate some open source code contributions I’d like to make. Still hoping I’ll find a more impactful use case.
I'm pretty stoked on https://github.com/mrwadams/stride-gpt for helping folks produce STRIDE-based threat models. I was pleasantly surprised by the threats identified by pointing it at some public GitHub repos. Looking forward to trying it at work this week.
GitHub - mrwadams/stride-gpt: An AI-powered threat modeling tool that leverages OpenAI's GPT models to generate threat models for a given application based on the STRIDE methodology.

GitHub
#FounderMode vs leading from behind. Looking back at this last project, implementing preliminary ZTNA: we got there in the end, but in almost none of the ways I intended for it to be implemented… I haven’t decided yet if I should have been more hands on and prescriptive, or if I gave folks the appropriate level of autonomy and the process worked as intended. In any case, more #ZeroTrust and less VPN is better.
@paulsanders I’m keen to get into freelance and consulting. I’ll check out this recommendation. And if there’s any other books or resources that helped you start Yobah, I’d love to hear them.
@theomegabit I’d much rather pay for the product than be the product. And I feel like Internet search has definitely been a missing piece for me. I’m keen to hear your longer term evaluation of Kagi and what, if anything, it’s missing.

Unfortunately my first reaction was, of course Microsoft is vulnerable to an ATO scheme… but in theory any provider that supports device code flow is vulnerable. It’s not an OAuth 2 problem, it’s a phishing problem.

This attack method emphasizes the importance of device verification and authorization. An untrusted device shouldn’t be permitted to participate in the device code flow.

https://arstechnica.com/information-technology/2025/02/russian-spies-use-device-code-phishing-to-hijack-microsoft-accounts/

What is device code phishing, and why are Russian spies so successful at it?

Overlooked attack method has been used since last August in a rash of account takeovers.

Ars Technica
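The mitigation the post above argues for (an untrusted device must not be allowed into the device code flow) can be shown on a toy RFC 8628 authorization server. This is an added example, not code from the post or from any provider; the enrolled-device registry, device identifiers and user names are constructed, and it assumes the server can already verify device identity via some enrollment or attestation layer.

```python
import secrets
import time
from dataclasses import dataclass, field
from typing import Optional

# Constructed registry of enrolled devices. Assumption: device identity is
# established by an MDM/attestation layer that the server trusts.
TRUSTED_DEVICES = {"laptop-1234", "workstation-42"}


@dataclass
class PendingGrant:
    device_id: str                     # device that started the flow and may poll
    user_code: str                     # short code the user types in a browser
    approved_by: Optional[str] = None  # set once a user approves the code
    created: float = field(default_factory=time.time)


class DeviceAuthServer:
    """Minimal RFC 8628 device authorization server with a device-trust gate."""

    def __init__(self, ttl: int = 900):
        self.ttl = ttl
        self.grants: dict = {}  # device_code -> PendingGrant

    def device_authorization(self, device_id: str) -> dict:
        # Gate: an unenrolled device never even obtains a user code to phish with.
        if device_id not in TRUSTED_DEVICES:
            return {"error": "unauthorized_device"}
        device_code = secrets.token_urlsafe(32)
        user_code = "-".join(secrets.token_hex(2).upper() for _ in range(2))
        self.grants[device_code] = PendingGrant(device_id, user_code)
        return {"device_code": device_code, "user_code": user_code}

    def approve(self, user_code: str, user: str) -> bool:
        # Simulates the user entering the code on the verification page.
        for grant in self.grants.values():
            if grant.user_code == user_code and grant.approved_by is None:
                grant.approved_by = user
                return True
        return False

    def token(self, device_code: str, device_id: str) -> dict:
        grant = self.grants.get(device_code)
        if grant is None or time.time() - grant.created > self.ttl:
            return {"error": "expired_token"}
        if device_id != grant.device_id:       # redemption bound to the initiator
            return {"error": "access_denied"}
        if grant.approved_by is None:
            return {"error": "authorization_pending"}
        del self.grants[device_code]           # single use
        return {"access_token": secrets.token_urlsafe(32), "sub": grant.approved_by}
```

Only an enrolled device can start the flow, and only that same device can redeem the approved code, so a user who is tricked into typing a code still cannot hand a session to a device the server has never seen.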