Latest from SECSANDMAN

IAM – Okta MFA + AD + OIDC & VAULT

This article covers the end-to-end tasks for deploying and enabling an Okta OIDC-backed HashiCorp Vault integration driven by Microsoft Active Directory group memberships. This is quite a long and intensive blog post and isn’t intended for the casual reader. If you want to know whether Vault supports OIDC and Okta Verify number challenges then…

DEVSEC – protecting cicd with yubikey protected ssh keys

About three months ago, I was studying YubiKey for use with signed git commits and signed merges. During this, I ended up doing a small PoC on loading my Git repo’s SSH key into a secure hard token instead of leaving it on my local desktop for malware to compromise. So I took some step-by-step…

DETECT/IR – automating aws guard-duty with terraform

It’s been a long weekend and I haven’t left this cushy gaming chair in 12 hours, 20 if you don’t count leaving for sleep… So let’s cut to the chase so I can go ride my bike and enjoy a beer … Here’s a quick weekend project which automates almost all of the AWS GuardDuty…


CLOUDSEC – Hey CLOUD PROVIDERS! FIX THIS insecure secrets mgmt trend

Intro: It feels like we’re taking a huge step back in secrets management security. AWS, Azure, GCP all have the concept of “roles” and “permissions”. As many of you already know, those roles and their permissions can be mapped to your servers, lambda functions and native cloud services. But what’s the impact to the Application…

APPSEC – PWNKIT – CVE-2021-4034

Intro: It’s been a while since I’ve made time to write here. Was feeling bored today catching up on the latest buzz and discovered an extremely easy script kiddie exploit out in the wild called PWNKIT, aka CVE-2021-4034 (Qualys Research Team). Shout out to them. So what is it? The PWNKIT vulnerability is based on polkit’s…

CLOUDSEC – Azure App Service – Cool feature or dangerous back channel ?

Azure App Service is a quasi PaaS and IaaS type of solution. Most importantly, it can remove the idea of a DMZ, put the power of public internet access into the hands of developers, remove separation of duties and, most interestingly, create a back channel for malware command and control systems. Plus there are…
