Headshot of Karl Fosaaen

Karl Fosaaen

VP, Research

As a VP of Research, Karl is part of a team developing new services and product offerings at NetSPI. Karl previously oversaw the Cloud Penetration Testing service lines at NetSPI and is one of the founding members of NetSPI's Portland, OR team. Karl has a Bachelors of Computer Science from the University of Minnesota and has been in the security consulting industry for 15 years. Karl spends most of his research time focusing on Azure security and contributing to the NetSPI blog. As part of this research, Karl created the MicroBurst toolkit to house many of the PowerShell tools that he uses for testing Azure. In 2021, Karl co-authored the book "Penetration Testing Azure for Ethical Hackers" with David Okeyode.

Connect With Me on Social
Bluesky
X/Twitter
My GitHub Repo

More By Karl Fosaaen

Cloud Pentesting

Decrypting VM Extension Settings with Azure WireServer

The Azure WireServer service provides configuration data to Azure Virtual Machines. Join us as we walkthrough the process of decrypting that data to find sensitive information.

Learn More
Cloud Pentesting

We Know What You Did (in Azure) Last Summer

At DEF CON 33, NetSPI presented a talk about how Azure resources supporting Entra ID authentication expose tenant IDs, enabling attackers to attribute cloud resources to specific organizations at scale.

Learn More
Cloud Pentesting

Automating Azure App Services Token Decryption

Discover how to decrypt Azure App Services authentication tokens automatically using MicroBurst’s tooling to extract encrypted tokens for security testing.

Learn More
BAS as a Service

3 Lessons Learned from Simulating Attacks in the Cloud

Learn key lessons from NetSPI’s work simulating attacks in the cloud. Learn how Breach and Attack Simulation improves cloud security, logging, and detection capabilities.

Learn More
Cloud Pentesting

Extracting Sensitive Information from Azure Load Testing

Learn how Azure Load Testing's JMeter JMX and Locust support enables code execution, metadata queries, reverse shells, and Key Vault secret extraction vulnerabilities.

Learn More
BAS as a Service

Validating Azure Cloud Security with Breach and Attack Simulation as a Service

NetSPI’s Breach and Attack Simulation as a Service offers focused simulation tests for Azure users to validate your cloud security capabilities.

Learn More
Cloud Pentesting

Hijacking Azure Machine Learning Notebooks (via Storage Accounts)

Abusing Storage Account Permissions to attack Azure Machine Learning notebooks

Learn More
Cloud Pentesting

Backdooring Azure Automation Account Packages and Runtime Environments 

Azure Automation Accounts can allow an attacker to persist in the associated packages that support runbooks. Learn how attackers can maintain access to an Automation Account.

Learn More
Cloud Pentesting

Extracting Managed Identity Certificates from the Azure Arc Service 

The Azure Arc service is handy for bringing on-prem systems to the cloud, but it includes features that could lead to pivots from on-prem into your Azure environment.

Learn More
NetSPI in the News

Security Magazine: Closing the cloud skills gap as adoption grows

NetSPI's VP of Research, Karl Fosaaen, weighs in on addressing the cybersecurity skills gap to avoid data security risks during cloud migrations.

Learn More
Cloud Pentesting

Azure Deployment Scripts: Assuming User-Assigned Managed Identities

Learn how to use Deployment Scripts to complete faster privilege escalation with Azure User-Assigned Managed Identities.

Learn More
Cloud Pentesting

Extracting Sensitive Information from the Azure Batch Service 

The added power and scalability of Batch Service helps users run workloads significantly faster, but misconfigurations can unintentionally expose sensitive data.

Learn More