zero trust • William OGOU Cybersecurity Blog

img of Securing Remote MCP Servers with Google Cloud

Secure remote MCP servers on Google Cloud using a defense-in-depth architecture with IAP, Cloud Armor, and IAM.

img of Critical Entra ID Impersonation Flaw - CVE-2025-55241

Sep 24, 2025 8 min read

Critical Entra ID Impersonation Flaw - CVE-2025-55241 By William OGOU

A critical flaw in Entra ID (CVE-2025-55241) allowed attackers to impersonate anyone. This is a CISO's guide to the 'Actor Token' vulnerability, the attack chain, and how to hunt for compromise.

img of Stop Using Service Account Keys: A Guide to Workload Identity Federation

Sep 22, 2025 8 min read

cloud-security

Stop Using Service Account Keys: A Guide to Workload Identity Federation By William OGOU

Leaked service account keys are a top cloud security risk. This definitive developer's guide explains how to go keyless with GCP's Workload Identity Federation.

img of ANSSI Guide to Implementing Zero Trust

Sep 18, 2025 9 min read

cybersecurity

ANSSI Guide to Implementing Zero Trust By William OGOU

Beyond the buzzword, this is a CISO's practical guide to implementing a real Zero Trust strategy, based on authoritative guidance from agencies like ANSSI.

img of IAM Is Dead. Long Live IAM for the Agentic Era

Sep 5, 2025 8 min read

iam

IAM Is Dead. Long Live IAM for the Agentic Era By William OGOU

Traditional IAM is broken. Discover the new paradigm of Agentic IAM, from DIDs and VCs to dynamic, real-time access control. A CISO's guide to governing your AI workforce.

img of GCP Security Solution to the Top 11 Cloud Vulnerabilities

Aug 14, 2025 8 min read

cloud-security

GCP Security Solution to the Top 11 Cloud Vulnerabilities By William OGOU

A practical CISO's guide to defeating the top 11 cloud vulnerabilities using Google Cloud's security arsenal. Map threats to specific GCP tools for a robust defense-in-depth strategy.

img of Passkeys Were the Start: Google's DBSC Will Make Cookie Theft Obsolete

Aug 1, 2025 8 min read

iam

Passkeys Were the Start: Google's DBSC Will Make Cookie Theft Obsolete By William OGOU

Passkeys secured the login, but session hijacking via cookie theft remains a critical threat. Discover how Google's DBSC is set to make this attack vector a relic of the past.

img of A Practical Blueprint for Zero Trust on GCP

Jun 30, 2025 9 min read

cloud-security

A Practical Blueprint for Zero Trust on GCP By William OGOU

The perimeter is dead. Discover the ultimate blueprint for implementing a Zero Trust security model on Google Cloud Platform (GCP). A CISO's guide to modern security.

Mar 24, 2025 8 min read

cybersecurity

A Complete Guide to Best Practices & Benefits for Modern Cybersecurity By William OGOU

Explore the Zero Trust security model in this comprehensive guide. Learn about its principles, benefits, use cases, and best practices for implementation in your organization’s cybersecurity strategy