Author: Matt

Matt Burrough is a Senior Penetration Tester at Microsoft, focusing on the company’s internal assets and cloud deployments. Before moving to a security role, he was a developer and also spent five years debugging, code reviewing, and reverse engineering Windows at Microsoft. Matt also worked at NPR creating new technology for digital radio, including the first ever close-captioned radio broadcasting system. Matt has a passion for computer security and holds a Master’s degree in Computer Science and a graduate certificate in Computer Security from the University of Illinois at Urbana-Champaign. He also graduated from Rochester Institute of Technology with a Bachelor of Science in Networking, Security, and System Administration.

Azure Sentinel at Home

A red teamer goes blue to describe how to be your own SOC by configuring Azure Sentinel to capture events from your home lab.

Matt September 9, 2021 February 8, 2022 Azure

Azure Sentinel: Add Automation to All Alert Rules

Recently, I decided to try Azure Sentinel out on my home lab network to get a better understanding of how it’s deployed and used. Once I get some spare cycles, I plan to write up my experience deploying sensors and adding data connectors for my network [now available here], but …

Matt June 21, 2021 February 8, 2022 Azure

Lock Impressioning Talk – BSides SEA 2020

Yet another talk I gave in 2020 is now online! Check out my slideshow roulette presentation of Jos Weyer and Holly Poer’s Impressioning deck I gave on extremely short notice at BSides Seattle 2020 back in October.

Matt May 7, 2021 May 8, 2021 Locksport / Speaking

Layer8 Master Key Talk Now Online

If you didn’t have a chance to see my talk on master key attacks at last year’s Layer 8 conference, it’s now available for viewing on YouTube. Enjoy!

Matt April 30, 2021 April 30, 2021 Locksport / Pentesting / Speaking

Repinning an American 1305

For the past six months, I’ve been focused on a project I hope to share with everyone very soon. In the meantime I took a break a couple of days ago to work on building a progressive set of American 1305 locks – removing 1, 2, and 3 pins from …

Matt March 25, 2021 March 25, 2021 Locksport

SANS Keynote Recording Available

My SANS keynote talk on cloud red teaming has been shared on YouTube here. I’ve also posted the slides for it here. Enjoy!

Matt August 8, 2020 April 30, 2021 Pentesting / Speaking

Master Key Attacks Talk at Layer 8

Today I’ll be giving an updated talk on attacks against master keyed systems at the TOOOL virtual Lock Pick Village at the Layer 8 Conference at 10 AM Pacific/1 PM Eastern. I hope you’ll be able to attend!

Matt June 6, 2020 June 6, 2020 Locksport / Pentesting / Speaking

SANS Cloud Summit Keynote

If you are interested in cloud security, take a look at the 2020 SANS Cloud Summit coming up at the end of May. In addition to some greats SANS courses, like 545, they are also hosting a virtual CTF and have a series of speakers to kick off the event. …

Matt April 28, 2020 April 28, 2020 Speaking

New Impressioning Meetup

Join us Sunday, March 8 at 1:00 PM at Black Lodge Research in Redmond, WA for Seattle Locksport‘s first lock impressioning meetup. All experience levels welcome! We’ll have all the gear, locks, and key blanks you need. We’ll be meeting every 2nd Sunday of the month to practice, teach, learn, …

Matt February 20, 2020 February 20, 2020 Locksport

DEF CON 27 Talk: Master Key Insider Attacks

Earlier this month, I spoke at DEF CON 27’s Lock Pick Village on insider attacks that can be executed on master-keyed systems. (Note: Not Master brand locks. 😊) A copy of my slides can be downloaded from: https://burrough.org/papers/Burrough-DC27_Master_Key_Talk.pdf. AbstractAs a lock enthusiast and professional pentester, I think a lot about …

Matt August 20, 2019 August 20, 2019 Locksport / Speaking