G<p>🚨 New Release: M365 Breakglass Immaturity Model v1.0<br><a href="https://github.com/KuShuSec/KuShu-Atama" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/KuShuSec/KuShu-Atama</span><span class="invisible"></span></a></p><p>Back in April, I shared the M365 Breakglass Maturity Model — and the community response was phenomenal.</p><p>Since then, through chats, DMs, and real-world horror stories, one thing became clear:</p><p>👉 We also need a mirror model — not to guide best practice, but to name the chaos many orgs still live in.</p><p>So I’ve built a companion: the M365 Breakglass Immaturity Model v1.0.</p><p>It’s not a ladder.<br>It’s a warning sign.</p><p>Grouped into five categories:<br> • 🔥 Fire Hazard<br> • 🔑 Shared Secrets<br> • 🕳️ Hidden Traps<br> • 🙈 We Don’t Talk About Breakglass<br> • 📉 Governance</p><p>Each one reflects real anti-patterns seen in the field — from:<br> • credentials emailed in plain text,<br> • to breakglass accounts subject to Conditional Access and cleanup jobs,<br> • to recovery runbooks that are themselves inaccessible during an outage.</p><p>🔗 You can find the full model (PDF, PNG, mindmap) here:</p><p><a href="https://github.com/KuShuSec/KuShu-Atama" rel="nofollow noopener" translate="no" target="_blank"><span class="invisible">https://</span><span class="">github.com/KuShuSec/KuShu-Atama</span><span class="invisible"></span></a></p><p>Huge thanks to Kay Daskalakis and <span class="h-card" translate="no"><a href="https://infosec.exchange/@sassdawe" class="u-url mention" rel="nofollow noopener" target="_blank">@<span>sassdawe</span></a></span> for battle-scarred input. This was truly shaped by practitioners.</p><p>⸻</p><p>If you’ve seen other breakglass anti-patterns out there — I’d love to hear them.<br>Drop them in the comments, or fork and PR!</p><p>(And yes — v1.1 of the Maturity Model is still there too.
Side-by-side for those who want the full contrast.)</p><p>More coming soon.</p><p><a href="https://infosec.exchange/tags/KuShuSec" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>KuShuSec</span></a> <a href="https://infosec.exchange/tags/AzureAD" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>AzureAD</span></a> <a href="https://infosec.exchange/tags/EntraID" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>EntraID</span></a> <a href="https://infosec.exchange/tags/M365" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>M365</span></a> <a href="https://infosec.exchange/tags/SecurityArchitecture" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>SecurityArchitecture</span></a> <a href="https://infosec.exchange/tags/Breakglass" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Breakglass</span></a> <a href="https://infosec.exchange/tags/IAM" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>IAM</span></a> <a href="https://infosec.exchange/tags/MindMap" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>MindMap</span></a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>CyberSecurity</span></a> <a href="https://infosec.exchange/tags/VisualSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>VisualSecurity</span></a> <a href="https://infosec.exchange/tags/Resilience" class="mention hashtag" rel="nofollow noopener" target="_blank">#<span>Resilience</span></a></p>