Category: Cyber
-
Guide to Cybersecurity Strategy
In this post, I discuss the steps I took to produce a cybersecurity strategy and the methods I have explored. With that in mind, it's important to note that there is no perfect cybersecurity strategy. The threat and technology landscapes continue to evolve at a rapid pace in this AI era. What…
-
An Overview of OAuth Grant Types and Flows
Introduction OAuth is an industry-standard framework for delegated authorization. “Delegated” is the keyword here because access is delegated and scoped to provide finer access control. In this post, I will explore different OAuth grant types, also known as OAuth flows, used to obtain access tokens. The goal of these grant types is to facilitate secure…
-
Cyber Security Incident Response
Introduction Cyber security incident response is a set of capabilities whose purpose is responding to computer-security-related problems. A Cyber Security Incident Response Team (CIRT) / Computer Security Incident Response Team (CSIRT) is a group of skilled professionals who assess cyber security events and provide guidance or a response to those events. Incident response is one of…
-
Password-less Authentication
Introduction Password-less authentication is a current industry trend to remove passwords from online logins. In this post, I will be exploring some of the concepts around password-less authentication. A password is one of the factors used to identify yourself and show you are authorised to log in to an application, but over the last 6-7 years passwords have been susceptible to different…
-
Single Sign-On (SSO) terminologies
Introduction In this post, we will look at the different terminologies in SSO. Single Sign-On means using the same credentials everywhere, whereas web SSO means logging in once in the browser and accessing multiple websites without authenticating again. When it comes to SSO there are multiple names thrown around, so let's look at them one by one: SAML, OIDC, OAuth, JWT, Federated…
-
Container Security: Part 1
Introduction What is container security? Before I deep dive into container security, we need to understand what a container is, why we need to secure it, how it differs from traditional VM security and, finally, why we cannot use the same techniques to secure containers as we use for virtual machines. Okay –…
-
SSRF – Server Side Request Forgery
What is SSRF? SSRF is Server-Side Request Forgery. It allows bad actors outside your internal network to reach internal sites. SSRF is one of the most commonly exploited web application vulnerabilities and appears in the OWASP Top 10. Why is it dangerous? If you are not following the ZTNA (Zero Trust Network Access) model and…
-
Secrets Management
Introduction What is a secret? A secret can be anything that protects information from others by hiding it from humans and machines, e.g. PII (Personally Identifiable Information), transaction data, passwords, keys and so on. For the purpose of this article we are going to focus only on secrets that give access to other systems, such…
-
AWS IAM Roles Anywhere – Part 2
In the previous post, I showed you how to create AWS IAM Roles Anywhere with an external CA, and in this post I am going to discuss some advanced topics such as: How to revoke a certificate. There are multiple scenarios where you want to revoke an entity's certificate, such as a compromised entity or during off-boarding of…
-
Chisel – Favourite red team tool
Introduction Chisel is a fast TCP/UDP tunnel, transported over HTTP, secured via SSH. A single executable serves as both client and server. More details about this tool can be found here. Why is it useful? A corporate network is not accessible from the internet and is blocked by a firewall. Chisel is helpful for creating a proxy connection and…