Skip to content
View dbgalz11's full-sized avatar

Block or report dbgalz11

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
dbgalz11/README.md

Hi, I'm Darwin 👋

Azure Cloud Infra & Security Engineer specializing in Identity Security — securing the identity layer across Entra ID, OAuth 2.0 / OIDC, conditional access, and privileged access on Azure.

I build and break things in Entra ID, AKS, and Azure DevOps, then turn the hard-won lessons into content for aspiring cloud engineers — often in Tagalog, because good security education shouldn't be locked behind a language barrier.

🔭 What I'm working on

  • Hardening identity & access at protocol depth — Entra ID, OAuth 2.0 / OIDC, conditional access, PIM
  • Threat hunting and detection engineering with KQL
  • Securing AKS workloads and the Terraform that provisions them

🌱 Currently learning

  • AI & AI Security — securing AI workloads and identities, and the new attack surface that LLMs and agents introduce
  • Working towards SC-500 (Cloud and AI Security Engineer Associate)

🛠️ Tech Stack

Languages PowerShell Bash Python

Azure Automation Azure Automation Azure Functions Azure Container Apps Azure Logic Apps

Infrastructure as Code Terraform

DevOps Azure DevOps

Containers Docker AKS

Monitoring KQL Grafana Prometheus

Practice FinOps

💬 Find me / reach me

  • 📺 Cloud Tropang Darwin — cloud & security tutorials for Filipino engineers
  • 💼 LinkedIn
  • 🧠 Skool & Stack Overflow (links in profile)

⚡ Fun fact

Off the clock, I'm spending time with my family and kids and prioritizing health. On the clock, constantly learning toward Identity Security and AI.


Hackers don't break in, they log in.

Pinned Loading

  1. open-webui-aks-deployment open-webui-aks-deployment Public

    config files for open webui AKS deployment

    HCL 1

  2. hoppscotch-selfhosted-aks hoppscotch-selfhosted-aks Public

    Forked from nocticdr/hoppscotch-selfhosted-aks

    Selfhosting hoppscotch on AKS with Postgres and Cloudflare tunnel

    1

  3. mini-DFIR mini-DFIR Public

    A comprehensive Azure-based security monitoring and threat analysis solution for Windows virtual machines (IIS only for now) with automated deployment, centralized reporting, and web dashboard visu…

    PowerShell 1

  4. EntraFalcon EntraFalcon Public

    Forked from CompassSecurity/EntraFalcon

    A lightweight PowerShell tool for assessing the security posture of Microsoft Entra ID environments. It helps identify privileged objects, risky assignments, and potential misconfigurations.

    PowerShell

  5. OAuth-Service-Account-Automation OAuth-Service-Account-Automation Public

    Automate Microsoft Graph API access with OAuth 2.0 Authorization Code Flow. Store refresh tokens in Key Vault for Azure automation.

    PowerShell