In this session of Offensive Engineering Live Sessions, Siri Verma Veggiraju, a tech lead at Microsoft Azure Security with hands-on experience across cloud security architecture, identity, and the control plane, walks through the mechanics of how these attacks actually unfold. He’s speaking independently, and the views he shares are his own.

The conversation covers:

• How the attack landscape against cloud infrastructure has shifted with large language models and agentic AI

• Why secondary accounts are the real entry point to control plane compromise

• What a realistic attack chain looked like in the early days of cloud, and why the same principles still apply

• How managed identities work and where organizations consistently over-privilege them

• Why API proliferation is a blind spot that most security teams underestimate

• What least privilege looks like when you’re securing sub-agents in a hierarchical AI architecture

• How to think about the line between a security incident and a sovereignty problem