https://krisby.dev/en/categories/projects/ Recent content in Projects on krisby.dev Hugo en Fri, 29 May 2026 00:00:00 +0000 https://krisby.dev/en/writeups/healthcare-identity-security/ Fri, 29 May 2026 00:00:00 +0000 https://krisby.dev/en/writeups/healthcare-identity-security/ <h2 id="background">Background</h2> <p>I built this project to explore how identity and access management could be designed for a small healthcare environment handling sensitive information.</p> <p>The goal was to better understand how technologies such as Microsoft Entra ID, Conditional Access, FIDO2, RBAC and Managed Identities can work together as part of a modern security design.</p> <p>Rather than focusing primarily on network-based security, I wanted to explore what happens when identity becomes the primary security boundary.</p> https://krisby.dev/en/writeups/entra-cloudflare-scim/ Sat, 23 May 2026 00:00:00 +0000 https://krisby.dev/en/writeups/entra-cloudflare-scim/ <h2 id="background">Background</h2> <p>I wanted to better understand how federation, provisioning and Zero Trust access work in practice between Microsoft Entra ID and Cloudflare Access.</p> <p>The goal was to explore how identity can be used as the primary security boundary and how access can be managed through groups rather than individual users.</p> <h2 id="what-i-built">What I Built</h2> <p>In this lab I integrated Microsoft Entra ID with Cloudflare Access using:</p> <ul> <li>OpenID Connect (OIDC)</li> <li>SCIM provisioning</li> <li>Group-based access control</li> <li>Automated user and group synchronization</li> </ul> <p>Architecture:</p> https://krisby.dev/en/writeups/ai-rbac-analyzer/ Fri, 13 Mar 2026 00:00:00 +0000 https://krisby.dev/en/writeups/ai-rbac-analyzer/ <h2 id="background">Background</h2> <p>I wanted to gain a better understanding of Azure RBAC in practice while also exploring whether AI could be used to help identify excessive permissions and access-related risks.</p> <p>The goal was not to build a production-ready security tool, but to combine hands-on RBAC testing with AI-assisted analysis and see what insights could be generated.</p> <h2 id="what-i-built">What I Built</h2> <p>I created a small Azure lab environment consisting of:</p> <ul> <li>Resource Groups</li> <li>Virtual Machines</li> <li>Network resources</li> <li>Users and groups</li> </ul> <p>I then assigned different RBAC roles to simulate a realistic access model.</p> https://krisby.dev/en/writeups/jml-monitor-labb/ Tue, 10 Feb 2026 00:00:00 +0000 https://krisby.dev/en/writeups/jml-monitor-labb/ <h2 id="background">Background</h2> <p>I wanted to better understand Joiner, Mover and Leaver (JML) processes in practice, how access changes over time, and how access drift can be detected within Microsoft Entra ID.</p> <p>At the same time, I wanted to gain hands-on experience with Microsoft Graph API and explore how identity data can be analyzed programmatically.</p> <h2 id="what-i-built">What I Built</h2> <p>I developed a simple monitoring solution that collects users and group memberships from Microsoft Entra ID and compares the current state against historical snapshots.</p>