AI-Powered Application Penetration Testing—Scale Security Without Compromise Learn More

bishopfox-logo-grey
Get Started
Company header bg dark
Cirro: Revealing Cloud Attack Paths

CIRRO

Cirro is an extensible security research platform that enables researchers and penetration testers to collect, analyze, and visualize cloud environments and identity relationships through graph databases.

Get Cirro on GitHub >

Workshops
Workshops & Training

Inside Cirro: Mapping Attack Paths in Azure

Inside Cirro: Mapping Attack Paths in Azure
Watch Workshop
Workshops & Training

Inside Cirro: Schemas and Extensible Identity Graphs

Inside Cirro: Schemas and Extensible Identity Graphs
Watch Workshop

MAP AND ANALYZE CLOUD RELATIONSHIPS TO UNCOVER SECURITY RISKS

ABOUT CIRRO

Why Cirro?

Cloud graph tools often focus heavily on identity relationships within the management plane, but risk also emerges when those relationships interact with configuration that may lead to data access. Cirro focuses on mapping management plane permissions while enriching them with configuration context and data plane visibility to show how access can be used in practice.

By combining management plane mapping with configuration insights and data plane context, Cirro helps uncover how control over systems can lead to real-world impact, making hidden risks easier to identify and understand.

Uncovering Security Risks

Cirro is a framework for modeling cloud environments as relationship graphs, built to help you find and understand attack paths. It takes identities, resources, and configurations and connects them into a single view so you can see how permissions and settings combine into real, multi-step paths that aren’t obvious from raw data alone.

Cirro fills a gap in cloud security tooling by tying together management access, configuration details, and data exposure, making it easier to see how an attacker could pivot through an environment.

  • Maps identities, resources, and permissions into a graph to reveal hidden attack paths
  • Connects management access with configuration and data exposure to show real impact
  • Helps you understand how a compromise can spread and determine a blast radius on both management and data planes

BISHOP FOX SECURITY RESEARCHER

MEET THE CREATOR

Leron Gray Headshot.

Leron Gray
Senior Security Consultant - Red Team

Leron Gray is a Senior Security Consultant II on Bishop Fox's Red Team. He previously worked at Microsoft on the Azure Red Team and as a Cryptologic Technician (Networks) for the U.S. Navy.

Leron holds a Masters in Cyber Defense from Dakota State University and is a PhD candidate for Cyber Operations. He has a graduate certification in penetration testing and ethical hacking from SANS Technology Institute.

Meet the Fox

CIRRO RESEARCH

Check out these related resources

Get started with Cirro

Explore attack paths

Resource card background 003
Explore Cirro and start mapping real attack paths across your Azure environment today.
Get on GitHub
Watch Workshop

Inside Cirro: Mapping Attack Paths in Azure

Resource card background 002
This workshop shows how Cirro maps identities and roles into attack paths using graph-based analysis.
Watch Now
Read Blog

Inside Cirro: Attack Paths, Cloud Graphs, and Extensible Schemas

Resource card background 004
Discover how Cirro maps hidden attack paths across Azure identities, resources, and data to reveal what attackers actually see.
Read More
Watch Workshop

Inside Cirro: Schemas and Extensible Identity Graphs

Resource card background 001
This workshop breaks down how Cirro’s extensible design supports consistent analysis as new systems and data sources are added.
Watch Now

This site uses cookies to provide you with a great user experience. By continuing to use our website, you consent to the use of cookies. To find out more about the cookies we use, please see our Privacy Policy.