The OWASP Top 10 represents a broad consensus about the most common and critical security risks to web applications. It can be used as reference for web application security.
DH key exchange is a critical component in virtually every PKI implementation. Having a working knowledge of what it is and how it works would help in understanding PKI as a whole.
In a cluster setting where TLS mutual authentication is required, it’s not uncommon to see client certificates signed by either self-signed root CA or private CA.
This post is my collection of python3 code snippets including string and list manipulation.
This is the second post of a series that demonstrates how to leverage AWS CloudTrail in auditing user actions. This post is focused on cross account access.
AWS CloudTrail is an essential service that records user actions and systems events. This is the first post of a series that demonstrates how to leverage CloudTrail to identify the IAM principal and establish timelines. This post is focused on same account access.
Whether you are troubleshooting or investigating something on AWS, being able to look up user identity across the Cloudtrail event logs can be very helpful.
All you need to know about OTP from a security perspective.
This post is my collection of articles related to threat modeling and Microsoft STRIDE threat model.
Review the differences and similarities between the two protocols from an architecture and security perspective.