Category: Cyber

  • Password-less Authentication

    Introduction Password-less authentication is the current industry trend to remove passwords from online logins. In this post, I will be exploring some of the concepts around password-less authentication. A password is one of the factors used to identify who you are and that you are authorised to log in to an application, but over the last 6-7 years passwords have been susceptible to different […]

  • Single Sign-On (SSO) terminologies

    Introduction In this post, we will look at different terminologies in SSO. Single Sign-On means using the same credentials everywhere, whereas web SSO means logging in once in the browser and accessing multiple websites without authenticating again. When it comes to SSO there are multiple names thrown around, so let's look at them one by one: SAML, OIDC, OAuth, JWT, Federated […]

  • Container Security: Part 1

    Introduction What is container security? Before I deep dive into explaining container security, we need to understand what a container is, why we need to secure it, how it differs from traditional VM security, and finally why we cannot use the same techniques to secure containers as we use for virtual machines. Okay – […]

  • SSRF – Server Side Request Forgery

    What is SSRF? SSRF is server side request forgery. It allows bad actors outside your internal network to access internal sites. SSRF is one of the commonly exploited web application vulnerabilities and is in the OWASP Top 10 web application vulnerabilities. Why is it dangerous? If you are not following the ZTNA (Zero Trust Network Access) model and […]

  • Secrets Management

    Introduction What is a secret? A secret can be anything that protects information from others by hiding it from humans and machines, e.g. PII (Personally Identifiable Information), transaction data, passwords, keys and so on. For the purpose of this article we are going to focus only on secrets that give access to other systems such […]

  • Chisel – Favourite red team tool

    Introduction Chisel is a fast TCP/UDP tunnel, transported over HTTP and secured via SSH, with a single executable for both the client and the server. More details about this tool can be found here. Why is it useful? A corporate network is not accessible from the internet and is blocked by the firewall. Chisel is helpful for creating the proxy connection and […]

  • The Cuckoo’s Egg

    Introduction Another interesting cybersecurity book I have read this year. It's fascinating to read about the cybersecurity investigation by Cliff Stoll to catch the hacker. The book starts with Cliff Stoll trying to identify a discrepancy in the accounting system (I think 75c), and he ended up chasing the hacker; along the way Cliff learnt […]

  • AWS IAM Roles Anywhere – Part 1

    Introduction AWS recently released IAM Roles Anywhere, and it is a well-thought-out and recommended feature to use instead of long-term access keys for workloads. In short, AWS IAM Roles Anywhere is based on X.509 certificates, creating a trust between your PKI and IAM. Why do I have to use AWS IAM Roles Anywhere? Historically, on-premise workloads […]

  • Just-in-time(JIT) access to servers using Vault