SSO – Single Sign-On

SSO: Single Sign-On Made Simple
In our increasingly digital world, managing multiple online accounts can be a hassle. From social media to banking, each service often requires its own username and password, leading to password fatigue and security risks. This is where Single Sign-On (SSO) comes into play, a technology that simplifies the login process …

SAML – Security Assertion Markup Language

In today’s digital landscape, where online security is paramount, understanding the tools that help protect our identities is essential. One such tool is SAML, which stands for Security Assertion Markup Language. While the acronym may sound complex, SAML plays a crucial role in enhancing identity security, especially in environments where multiple applications and services are …

PAM – Privileged Access Management

The world of IT has changed dramatically over my career. We’ve gone from on-premises servers in a locked room to vast, multi-cloud environments. Yet, one fundamental truth remains: protecting the keys to the kingdom is non-negotiable. This is where Privileged Access Management (PAM) comes in, and for the next generation of IT professionals, understanding and …

Notes :: The Red Forest model

The Red Forest model, also known as the Enhanced Security Administrative Environment (ESAE), was a security design for Active Directory (AD). Think of AD as the central phone book and security guard for a company’s computer network. It keeps track of all users, computers, and their permissions. The Red Forest model was created to make …

RBAC – Role-Based Access Control

Technical Description of Role-Based Access Control (RBAC)
Role-Based Access Control (RBAC) is a non-discretionary access control model that manages resource access based on predefined roles assigned to users. Unlike Discretionary Access Control (DAC), where resource owners dictate access, or Mandatory Access Control (MAC), where a central authority assigns security labels, RBAC operates on the principle …

ACL – Access Control List

Think of an Access Control List (ACL) as a detailed gatekeeper attached to a digital resource, like a file, folder, network port, or even a database object. This gatekeeper holds a specific list of who (users or groups) is allowed to interact with that resource and in what way (what permissions they have). Instead of …

MAC – Mandatory Access Control

A Rigid Security Model
Mandatory Access Control (MAC) is a security model where access to resources is determined by a central authority based on security labels assigned to both subjects (users, processes) and objects (files, resources). Unlike discretionary access control (DAC), where the owner of a resource can control who accesses it, and role-based access …

ENIAD – Endpoint, Network, Identity, Application, Data

Overview of ENIAD
The ENIAD framework provides a comprehensive approach to cybersecurity by focusing on five critical areas that organizations must protect to ensure a robust security posture. Each component addresses specific aspects of security, enabling organizations to detect, respond to, and mitigate threats effectively.
1. Endpoint
Endpoints refer to devices that connect to the …

IAM – Identity and Access Management

Identity and Access Management (IAM) in Amazon Web Services (AWS) is a service that enables users to manage access to AWS resources securely. IAM allows organizations to control who can access specific resources, what actions they can perform, and under what conditions. This is crucial for maintaining security and compliance in cloud environments.
Key Features …

Hacker TV – Kerberoasting & Attacks 101

Want to understand how Kerberos works? Would you like to understand modern Kerberos attacks? Tim Medin walks you through how to attack Kerberos with ticket attacks and Kerberoasting. He covers the basics of Kerberos authentication and then shows you how the trust model can be exploited for persistence, pivoting, and privilege escalation. At the conclusion, …