2026-06-01 –, Room 1
Every Azure VNet ships with invisible infrastructure you didn't configure and can't fully see. System routes that bypass your firewall. Service endpoints that create direct PaaS paths outside your inspection stack. Private Link DNS that resolves differently depending on where you ask. Observability tools that go blind at the boundaries that matter most. This talk maps Azure's "shadow network" — the implicit connectivity that doesn't appear in your Terraform, your portal, or your CNAPP — and shows how to surface what your workloads are actually connected to.
Tamir Asfa 25,
6 year experience in vulnerability research for mobile
Now working as a software engineer under Act security for integrated identity and network cloud native solutions.
Software Engineer with 10 years of experience, currently at ACT Security. I specialize in the analysis of Azure cloud networks to design and develop innovative products. My work focuses on translating deep network research into functional, high-impact security solutions