Hi! thanks for visiting my blog!

My name is Cody Burkard. I am an American penetration tester and cyber security researcher living in Norway.

I have been working professionally as a penetration tester, application security specialist, and Microsoft Azure offensive security specialist for over five years. Within this time I have also played various roles on the architectural side, primarily working with secure cloud native application and enterprise architectures that utilize Azure PaaS offerings.

My research interests primarily fall somewhere between these topics - what is the security implication of transitioning to cloud native application architectures within Azure? How do traditional application-level attacks impact cloud-native applications, built on PaaS offerings? What are the new, unique attack paths that can lead to lateral movement or privilege escalation between Azure resources? Finally, how do you build an architecture that effectively prevents these new attacks?

These questions fascinate me. I spend my research time reverse engineering Azure components, building small tools, and iterating over various secure architectural concepts, trying to find a scalable approach that holds up to new attack primitives in Azure.

This blog is my outlet for research and opinions in the Cyber Security field.