Another one - Microsoft sell a HSM service to customers. Could they use it for their own services, maybe? https://learn.microsoft.com/en-us/azure/key-vault/managed-hsm/overview
@f7d0478e they DO use HSMs for their WINDOWS and XBOX signing keys
@1889f834 yeah, not sure this - and MSA is pretty important
@f7d0478e the real wtf would be if they'd used something stupid like a sentinel HASP protection dongle as an "HSM" for encryption at rest but not in-memory
@1889f834 let’s just say they should investigate HSM solutions they sell 🤣