CHRISTIAN BORTONE

I am penetration tester and security researcher in my free time. I enjoy diving deep into Active Directory, Azure, and uncovering undocumented aspects of Microsoft technologies.

Azure Assessment

Organizations leveraging Azure often integrate with Microsoft Entra ID for identity and access management, commonly alongside Microsoft 365 or hybrid Active Directory environments. These platforms form the backbone of authentication and authorization across cloud and on-premises resources.

Because of their widespread adoption, attackers frequently target misconfigurations and weak security controls in Azure environments. During an assessment, I analyze the cloud infrastructure to identify risks, uncover vulnerabilities, and provide actionable recommendations to strengthen the overall security posture.

Assessment types:

  • Review: Performed with privileged access to analyze configurations.
  • Penetration Test: Starts from a low-privilege user to escalate access.

Active Directory Assessment

My Active Directory Assessment offers a comprehensive review of your identity infrastructure to ensure it is resilient, well-structured, and secure. I evaluate how privilege delegation is implemented, the protection and separation of administrative accounts, and the effectiveness of least privilege controls. The assessment also includes group policy design, Public Key Infrastructure (AD CS) configuration, and the robustness of Kerberos authentication settings, highlighting weaknesses that could be exploited by attackers.

Assessment types:

  • Review: Performed with privileged access to analyze configurations.
  • Penetration Test: Starts from a low-privilege user to escalate access.

Cloud Security Architect

As a Cloud Security Architect, I help organizations design and implement secure, scalable, and resilient architectures across multi-cloud and hybrid environments. I align identity, access, and workload protection with industry best practices while integrating centralized logging, SIEM, and incident response capabilities. My approach also incorporates endpoint and device management, hybrid identity synchronization, least-privilege access, CNAPP and CSPM frameworks, Zero Trust principles, and governance models that strengthen security posture and support compliance.

Other Services

I specialize in securing Microsoft technologies such as Windows, Active Directory, and Azure. If your needs extend beyond these areas, I can also provide tailored security assessments. Over the years, I have gained experience across a wide range of engagements, including red and purple team exercises, mobile and web application testing, and assessments of non-Microsoft environments.

Want to Do Security Research Together?

I'm always interested in connecting with people who want to collaborate on security research. If you have new ideas or projects in mind, feel free to reach out and we can explore them together.