eshlomo1/eshlomo1

Elli Shlomo

Microsoft Security MVP • Security Research • Cloud & AI Security Specialist • DFIR

I’m a security researcher who lives at the intersection of offensive operations, cloud abuse, identity abuse, and enterprise defence.
With a background in red-team tools, DFIR, threat hunting, cloud, and XDR (across M365, Azure, GCP, GWS), I enable defenders and testers to navigate the evolving threat terrain.


Custom Language Focus

PowerShell Go Python KQL YAML JSON


OffSec AI / AI Security Research

I’m leading research into Offensive AI (OffSec AI), exploring how AI models, multi-agent systems, and orchestration frameworks can be exploited or hardened in real-world security contexts.

Current work includes:

  • AI Agent Exploitation: understanding prompt injection, memory poisoning, Model Context Protocol (MCP) weaknesses, and autonomous sub-agent control hijacking.
  • AI-SOC Development: building frameworks that integrate LLM-based agents into SOC pipelines for automated triage, detection engineering, and red teaming.
  • PyRIT & MCP Experiments: leveraging Microsoft’s PyRIT and custom evaluation pipelines to measure resilience against jailbreaks and prompt chaining attacks.
  • AI-SPM (AI Security Posture Management): defining new detection layers for LLM-powered services inside Defender for Cloud and Sentinel.

Security by design is no longer optional, it’s survival.


Speaking, Writing & Community

  • Featured on my blog: Cyberdom.blog with deep dives into identity abuse, cloud threat-hunting, AI Red-Teaming, and OffSec AI.
  • Regularly present at Purple Hat events (attack/defend tracks) and community meet-ups.
  • Active on LinkedIn and X: follow for micro-insights on AI security, token abuse, and cloud IR.

Connect with Me


“Security isn’t just a stack of tools, it’s a mindset. Whether you’re hunting tokens, fuzzing OAuth, or tracing lateral cloud movement, stay curious, stay sceptical, and keep building.”
