Sacha Faust, Technical Lead, Red Team Cloud & Enterprise, Microsoft

Sacha Faust

Technical Lead, Red Team Cloud & Enterprise, Microsoft

Attack & Defense using Graph

Exploring security in a large enterprise can be challenging and often doesn’t cover transitive risks that may start from low priority, but can quickly transition to critical risk when combined. This talk will provide some case studies of the problems space as perceived by the Microsoft Azure Security team, and how the use of graph drove advancements in exploration, communication and remediation.

  • Democratization of data — How red team share their views
  • Knowledge retention and transfer — Bleeding red team toward standard engineering practices
  • Resource attribution path finder — Driving accountability

Attendees of this session will be introduced to methodologies and off-the-shelf tools that could be used to scale existing or new security investments, and get better visibility into the risk they are accepting.


Sacha Faust is a Principal Technical Lead under the Cloud + Enterprise (C+E) Red Team. When he is not breaking things, he focuses on teaching machines how to do end to end breaches and evangelize the Assume Breach mindset. He is a self-taught security enthusiast that started his professional career in 1998 and joined Microsoft in 2007 and has worked on BPOS, Office365, MSODS, Azure and C+E.