Cloud infrastructure has become the central battlefield for enterprise security, and the control plane is its most consequential layer. Attackers rarely go straight for it. They work through secondary accounts, leaked credentials, and overprivileged identities to reach it — and once they’re there, they can map, enumerate, and exfiltrate at scale. The rise of agentic AI and model context protocols is reshaping that attack surface in ways that most security teams have not yet fully reckoned with.

In this session of Offensive Engineering Live Sessions, Siri Verma Veggiraju, a tech lead at Microsoft Azure Security with hands-on experience across cloud security architecture, identity, and the control plane, walks through the mechanics of how these attacks actually unfold. He’s speaking independently, and the views he shares are his own.

The conversation covers:

• How the attack landscape against cloud infrastructure has shifted with large language models and agentic AI

• Why secondary accounts are the real entry point to control plane compromise

• What a realistic attack chain looked like in the early days of cloud, and why the same principles still apply

• How managed identities work and where organizations consistently over-privilege them

• Why API proliferation is a blind spot that most security teams underestimate

• What least privilege looks like when you’re securing sub-agents in a hierarchical AI architecture

• How to think about the line between a security incident and a sovereignty problem