Entra.News - Your weekly dose of Microsoft Entra
Entra.Chat
Finding Every MFA Gap: Testing 250 Million Conditional Access Combinations in Under 20 Minutes


The offline Conditional Access engine that runs 24/7 on autopilot: no throttling, no limits.

Emilien Socchi, Cloud Security Research Engineer at Storebrand, joins us to discuss CA Insight and AZTier, two open-source tools he built to find gaps in Conditional Access policies and to categorize Azure and Entra roles by the attack paths they enable.

Learn how CA Insight evaluates 250 million sign-in combinations offline in minutes instead of days, why the What If API doesn't scale, and how AZTier helps defenders and pen testers understand privilege escalation risks across Entra ID, Azure, and Microsoft Graph.

Together, these projects help security teams move from reactive log monitoring to a proactive defense strategy.
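To make the "offline evaluation" idea concrete, here is an added illustrative example (not CA Insight's code, and not a faithful reimplementation of Microsoft's evaluation semantics): a toy engine that enumerates every combination of a few sign-in dimensions locally and reports the ones that reach the application neither blocked nor required to perform MFA. The tenant dimensions, user names and the three policies are constructed for the example. The policy model keeps only the parts of Conditional Access that the gap search depends on, namely that exclusions win over inclusions, that a block from any applicable policy wins over grants, and that the required controls of all applicable grant policies are combined; it omits groups, roles, device filters, authentication strengths, session controls and report-only mode, so its counts would not match a real tenant.

```python
"""Toy offline Conditional Access evaluator (added example, not CA Insight).

Enumerates sign-in combinations locally and reports those that are neither
blocked nor required to perform MFA. Simplified model of CA semantics:
include/exclude on users, apps and locations; platform, client-app and risk
conditions; grant controls or block.
"""
from collections import Counter
from dataclasses import dataclass, field
from itertools import product

ALL = "All"  # sentinel: matches any value, like the "All users" / "All cloud apps" selector


@dataclass(frozen=True)
class SignIn:
    user: str
    app: str
    platform: str
    location: str
    client_app: str
    risk: str


@dataclass
class Policy:
    name: str
    users: object = ALL                 # ALL or a set of users
    users_excl: set = field(default_factory=set)
    apps: object = ALL
    apps_excl: set = field(default_factory=set)
    platforms: object = ALL
    locations: object = ALL
    locations_excl: set = field(default_factory=set)
    client_apps: object = ALL
    risk: object = ALL
    block: bool = False
    controls: frozenset = frozenset()   # required grant controls, e.g. {"mfa"}
    enabled: bool = True


def _matches(value, include, exclude=frozenset()):
    # Exclusions take precedence over inclusions, as in Conditional Access.
    if value in exclude:
        return False
    return include == ALL or value in include


def applies(p: Policy, s: SignIn) -> bool:
    """True when every condition of the (enabled) policy matches the sign-in."""
    return (p.enabled
            and _matches(s.user, p.users, p.users_excl)
            and _matches(s.app, p.apps, p.apps_excl)
            and _matches(s.platform, p.platforms)
            and _matches(s.location, p.locations, p.locations_excl)
            and _matches(s.client_app, p.client_apps)
            and _matches(s.risk, p.risk))


def evaluate(policies, s: SignIn):
    """Return ('block', frozenset()) or ('grant', <required controls>)."""
    hit = [p for p in policies if applies(p, s)]
    if any(p.block for p in hit):
        return "block", frozenset()
    # Required controls of all applicable grant policies are combined.
    return "grant", frozenset().union(*(p.controls for p in hit))


def find_mfa_gaps(policies, dims):
    """Walk the full cartesian product offline; no API calls, no throttling."""
    gaps = []
    for combo in product(dims["users"], dims["apps"], dims["platforms"],
                         dims["locations"], dims["client_apps"], dims["risk"]):
        s = SignIn(*combo)
        outcome, controls = evaluate(policies, s)
        if outcome == "grant" and "mfa" not in controls:
            gaps.append(s)
    return gaps


def gap_summary(gaps):
    """Collapse the raw list into per-user counts, which is what gets fixed."""
    return Counter(s.user for s in gaps)


# Constructed sample tenant and policies (not real data).
DIMS = {
    "users": ["alice", "bob", "svc-legacy"],
    "apps": ["Office365", "AzureManagement"],
    "platforms": ["windows", "iOS", "android"],
    "locations": ["corp", "other"],
    "client_apps": ["browser", "modern", "legacy"],
    "risk": ["none", "high"],
}

POLICIES = [
    # Classic misconfiguration: trusted location and a service account excluded.
    Policy("Require MFA for modern auth", users_excl={"svc-legacy"},
           locations_excl={"corp"}, client_apps={"browser", "modern"},
           controls=frozenset({"mfa"})),
    Policy("Block legacy auth", users_excl={"svc-legacy"},
           client_apps={"legacy"}, block=True),
    Policy("Block high-risk sign-ins", risk={"high"}, block=True),
]

if __name__ == "__main__":
    found = find_mfa_gaps(POLICIES, DIMS)
    total = 1
    for values in DIMS.values():
        total *= len(values)
    print(f"{len(found)} of {total} combinations reach the app without MFA")
    for user, n in gap_summary(found).most_common():
        print(f"  {user}: {n}")
```

With these constructed policies the engine reports 60 of 216 combinations as MFA gaps: every sign-in by the excluded service account, plus every modern-auth sign-in from the trusted "corp" location for the other users. Scaling the same loop to hundreds of millions of combinations is only a matter of dimension sizes and a faster inner loop; the point is that the evaluation never leaves the machine, whereas the What If API has to be called once per combination.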


What’s Breaking and Slowing Your Entra ID Environment?

In Microsoft Entra ID, the same visibility gaps cause two problems:

  • Things break

  • Work slows down

Expired client secrets disrupt integrations. Certificates lapse and authentication fails. New apps appear with excessive permissions and no clear ownership. At the same time, teams struggle to answer basic questions: which applications have access to Microsoft 365 data, whether that access is still required, and who is responsible for it.

When answers are not immediate, reviews stall and projects slow down.

ENow App Governance Accelerator Credential Guard helps identify expiring credentials and expose permission and ownership gaps.

For organizations under 10,000 users, pricing ranges from $3,500 to $9,500 annually through March 31, 2026.

Find App Access Gaps


Subscribe with your favorite podcast player or watch on YouTube 👇


About Emilien Socchi

Emilien Socchi is a Cloud Security Research Engineer at Storebrand (Oslo, Norway) focusing on the proactive discovery of security issues. With an extensive background in application and cloud penetration testing, Emilien has published practical research and tooling used by defenders. He also maintains several open-source projects, including Azure administrative tiering models and Entra ID role-monitoring utilities.

LinkedIn - https://www.linkedin.com/in/emilien-socchi



📗 Chapters

00:00 The Story Behind CA Insight

16:52 Why the ‘What If’ API Doesn’t Scale

21:09 Building an Offline Evaluation Engine

45:22 Deep Dive into AZTier: A Red Team Perspective


Podcast Apps

🎙️ Entra.Chat - https://entra.chat

🎧 Apple Podcast → https://entra.chat/apple

📺 YouTube → https://entra.chat/youtube

📺 Spotify → https://entra.chat/spotify

🎧 Overcast → https://entra.chat/overcast

🎧 Pocketcast → https://entra.chat/pocketcast

🎧 Others → https://entra.chat/rss


Merill’s socials

📺 YouTube → youtube.com/@merillx

👔 LinkedIn → linkedin.com/in/merill

🐤 Twitter → twitter.com/merill

🕺 TikTok → tiktok.com/@merillf

🦋 Bluesky → bsky.app/profile/merill.net

🐘 Mastodon → infosec.exchange/@merill

🧵 Threads → threads.net/@merillf

🤖 GitHub → github.com/merill
