2026-06-01 –, Room 1
Every Azure VNet ships with invisible infrastructure you didn't configure and can't fully see. System routes that bypass your firewall. Service endpoints that create direct PaaS paths outside your inspection stack. Private Link DNS that resolves differently depending on where you ask. Observability tools that go blind at the boundaries that matter most. This talk maps Azure's "shadow network" — the implicit connectivity that doesn't appear in your Terraform, your portal, or your CNAPP — and shows how to surface what your workloads are actually connected to.
Software Engineer with 10 years of experience, currently at ACT Security. I specialize in the analysis of Azure cloud networks to design and develop innovative products. My work focuses on translating deep network research into functional, high-impact security solutions
Kobi Rubin is Head of Research at Act Security, where he focuses on modeling least-privilege infrastructure access. Kobi brings extensive experience in securing CPS and enterprise networks from his years leading Data at Claroty and Medigate. He began his cybersecurity career spending 8 years in Unit 8200 of the Israel Defense Forces.