• Clean Source principle
• A Case Study of Using BitLocker and TPM with Nested VMs in Azure
• How to Use BitLocker in Azure
• Flaws of the Above-Mentioned Scenario
• What if You Deploy a Signed App Control Policy on the Host VM?
• So, What Alternative Will the Threat Actor Pursue?
• Clean Source and Assume Breach Principle, a Match Made in Heaven
• So, What Is the Solution?
• Introducing Privileged Access Workstations (PAW)
• Azure Confidential Compute
• Conclusion