Skip to content

Saturday, May 16, 2026

Build+Break+Secure

Where Every Failure Becomes A Manual

BUILD
- Microsoft Power Automate
  - Microsoft Teams
  - SentinelOne
- Microsoft PowerShell
  - Scripts
BREAK
- Common Vulnerabilities and Exposures
- Kusto Query Language
  - Microsoft Sentinel
  - Zscaler
SECURE
- Active Directory
  - Hardening
- Kusto Query Language

Build+Break+Secure

Where Every Failure Becomes A Manual

BUILD
- Microsoft Power Automate
  - Microsoft Teams
  - SentinelOne
- Microsoft PowerShell
  - Scripts
BREAK
- Common Vulnerabilities and Exposures
- Kusto Query Language
  - Microsoft Sentinel
  - Zscaler
SECURE
- Active Directory
  - Hardening
- Kusto Query Language

+ BREAK \ Common Vulnerabilities and Exposures \ Zscaler

+ BREAK Common Vulnerabilities and Exposures Zscaler

April 16, 2026 Wayne Andes 7 Views 0 Comments 1 min read

Improper Signature Verification in Zscaler SAML Authentication

CVE-2025-54982 April 15, 2026 If you’ve ever trusted SAML implicitly because “it’s enterprise, it’s secure,” this vulnerability is your gentle

+ BREAK Common Vulnerabilities and Exposures Zscaler

April 1, 2026 Wayne Andes 5 Views 0 Comments 1 min read

Traffic Inspection Bypass via Client Connector Misconfiguration

CVE-2026-22569 March 31, 2026 Now this one is sneaky. CVE-2026-22569 involves a startup configuration issue in Zscaler Client Connector for

+ BREAK Common Vulnerabilities and Exposures Zscaler

February 24, 2026 Wayne Andes 7 Views 0 Comments 1 min read

Improper Input Validation in ZIA Admin UI

CVE-2026-22567 February 23, 2026 You know how input validation is one of those “we learned this in year one” concepts?

+ BREAK Common Vulnerabilities and Exposures Zscaler

February 24, 2026 Wayne Andes 5 Views 0 Comments 1 min read

ZIA Admin UI Information Disclosure

CVE-2026-22568 February 23, 2026 This one doesn’t scream chaos at first glance, but don’t underestimate information disclosure vulnerabilities. CVE-2026-22568 allows

Search

Topics To Explore

+ BLOG + BREAK + BUILD + NEWS + SECURE Active Directory Azure Logic Apps Common Vulnerabilities and Exposures Fortinet Homelab Kusto Query Language Microsoft Defender for Endpoint Microsoft Defender XDR Microsoft Power Automate Microsoft PowerShell Microsoft Sentinel Microsoft Teams Microsoft Windows Microsoft Windows Server SentinelOne Symantec Endpoint Protection VMware Carbon Black Zscaler

Recent BUILD Posts

Streamline SentinelOne Endpoint Scans with Power AutomateJune 2, 2025
Automate SentinelOne Incident Alerts to Microsoft Teams with Power AutomateJune 2, 2025
Get Started On Microsoft Power AutomateMay 26, 2025
PowerShell Finds Its Voice: Talking Scripts Are Now a ThingJuly 7, 2023

Recent BREAK Posts

Azure Logic Apps Elevation of Privilege VulnerabilityMay 13, 2026
Improper Signature Verification in Zscaler SAML AuthenticationApril 16, 2026
Azure Logic Apps Credential Exposure Risk Leading to Privilege EscalationApril 15, 2026
Traffic Inspection Bypass via Client Connector MisconfigurationApril 1, 2026
Improper Input Validation in ZIA Admin UIFebruary 24, 2026

Recent SECURE Posts

Detect QR Code-Based Phishing with KQL in Microsoft Defender XDRFebruary 10, 2025
Monitor Active CISA Exploited CVEs Using This KQL QueryFebruary 3, 2025
Detect Microsoft Teams Large Data Transfer Using KQLJanuary 28, 2025
Detect Microsoft Teams Large Data Transfer Using KQLJanuary 27, 2025
List Untrusted SSH File Transfer Protocol Connection Not Blocked By Symantec Endpoint ProtectionJanuary 22, 2025

About Me • Privacy Policy • Terms of Use • © 2026 Build+Break+Secure

Manage Consent

To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.

Functional Functional Always active

The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.

Preferences Preferences

The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.

Statistics Statistics

The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.

Marketing Marketing

The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.

Manage options
Manage services
Manage {vendor_count} vendors
Read more about these purposes

View preferences

{title}
{title}
{title}