Mindblown: a blog about Cyber Security.
-
An Overview of OAuth Grant Types and Flows
Introduction OAuth is an industry-standard framework for delegated authorization. “Delegated” is the keyword here because access is delegated and scoped to provide finer access control. In this post, I will explore different OAuth grant types, also known as OAuth flows, used to obtain access tokens. The goal of these grant types is to facilitate secure […]
-
Cyber Security Incident Response
Introduction Cyber Security Incident response is set of capability with set of purpose responding to computer security related problems. Cyber Security Incident response team (CIRT) / Computer security incident response (CSIRT) is a group of skilled professionals assess the cyber security events and provide guidance or response to the events. Incident response is one of […]
-
Password-less Authentication
Introduction Password-less authentication is current industry trend to remove passwords from online world to login. In this post, I will be exploring some of the concepts around password-less authentication. Password is one of the factor to identify yourself who you are authorised to login to application but last 6-7 years password is susceptible to different […]
-
Single Sign-On (SSO) terminologies
Introduction In this post, we will look at different terminologies in SSO. Single Sign-On means use the same credentials everywhere whereas web SSO login once in browser and access multiple websites without authenticating again. When comes to SSO there are multiple names thrown around so lets look one by one SAML OIDC OAUTH JWT Federated […]
-
Container Security: Part 2
This is the continuation of container security: Part 1, in this post we are going to discuss about container runtime protection. Container runtime protection is key security control because this is where “rubber meets the road”. Container will be serving critical workloads and processing sensitive data. Below are the areas we will exploring in this […]
-
Container Security: Part 1
Introduction What is container security ? Before I deep dive into explaining about container security. We need to understand what is container and why we need to secure it and how its different from traditional VM security and finally why we cannot use the same technique to secure the containers like virtual machines. Okay – […]
-
Canary tokens on AWS
What are Canary tokens? Canary tokens is simple way to detect attacker in your environment. Canary tokens provides visibility and able to identify how far the attacker penetrated the network. And also, sometimes it can be used to test your defence system. In the blog post, I am going to show how easy to deploy […]
-
SSRF – Server Side Request Forgery
What is SSRF? SSRF is server side request forgery. It allows bad actors to access internal sites outside of your internal network. SSRF vulnerability is one of the common web applications vulnerability exploited and OWASP top 10 web application vulnerability. Why it’s dangerous? If you are not following ZTNA (Zero Trust Network Access) model and […]
-
Secrets Management
Introduction What is secret ? Secret can be anything to protect the information from others and hiding it from humans and machines. For e.g. PII(Personally Identifiable Information), Transaction data, passwords, Keys and so on. For the purpose of this article we are going to focus only on secrets to give access to other systems such […]
-
API Security
What is API? API is the acronym for application programming interface –– a software intermediary that allows two applications to talk to each other. APIs are an accessible way to extract and share data within and across organisations – MuleSoft Why API needs to be secured ? API first strategy is common and API is […]
Got any questions?