Why Cirro?

Cloud graph tools often focus heavily on identity relationships within the management plane, but risk also emerges when those relationships interact with configuration that may lead to data access. Cirro focuses on mapping management plane permissions while enriching them with configuration context and data plane visibility to show how access can be used in practice.

By combining management plane mapping with configuration insights and data plane context, Cirro helps uncover how control over systems can lead to real-world impact, making hidden risks easier to identify and understand.

Uncovering Security Risks

Cirro is a framework for modeling cloud environments as relationship graphs, built to help you find and understand attack paths. It takes identities, resources, and configurations and connects them into a single view so you can see how permissions and settings combine into real, multi-step paths that aren’t obvious from raw data alone.

Cirro fills a gap in cloud security tooling by tying together management access, configuration details, and data exposure, making it easier to see how an attacker could pivot through an environment.

Maps identities, resources, and permissions into a graph to reveal hidden attack paths
Connects management access with configuration and data exposure to show real impact
Helps you understand how a compromise can spread and determine a blast radius on both management and data planes

BISHOP FOX SECURITY RESEARCHER

MEET THE CREATOR

Leron Gray
Senior Security Consultant - Red Team

Leron Gray is a Senior Security Consultant II on Bishop Fox's Red Team. He previously worked at Microsoft on the Azure Red Team and as a Cryptologic Technician (Networks) for the U.S. Navy.

Leron holds a Masters in Cyber Defense from Dakota State University and is a PhD candidate for Cyber Operations. He has a graduate certification in penetration testing and ethical hacking from SANS Technology Institute.