Yani in InfoSec Write-ups
Unmasking Prompt Injection: A Dive into an Overlooked AI Security Concern
Table of Contents
Sep 13

Yani in InfoSec Write-ups
Securing Private APIs in API Gateway Using VPC Endpoints
A VPC (Virtual Private Cloud) endpoint is a private connection between your VPC and another AWS (Amazon Web Services) service, such as S3…
Jun 27, 2023

Yani in InfoSec Write-ups
Seamless Cross-Account, Cross-Region Replication of Encrypted Objects in AWS S3: Simplified Data…
In today’s digital landscape, data protection is paramount for organizations handling sensitive information. Amazon Simple Storage Service…
Jun 5, 2023

Yani in InfoSec Write-ups
Enhancing API Gateway Security: Integrating AWS Cognito User Pools with Authorization Code Grant
Amazon Cognito is a fully managed service provided by Amazon Web Services (AWS) that simplifies the authentication, authorization, and user…
May 27, 2023

Yani in InfoSec Write-ups
The Bind, Escalate and Impersonate Verbs For Privilege Escalation In The Kubernetes Cluster
Kubernetes role binding plays a critical role in controlling access to resources within a Kubernetes cluster, it grants the permissions…
May 12, 2023

Yani in InfoSec Write-ups
Single Sign-On: OAUTH vs OIDC vs SAML — Part 2
Welcome to Part 2 of our series on Single Sign-On (SSO) technologies. In the previous blog post, we went through SSO, OAuth, and OpenID…
Mar 26, 2023

Yani in InfoSec Write-ups
Single Sign-On: OAuth vs OIDC vs SAML — Part 1
User authentication is a critical component of online services and applications, enabling users to access secure resources while protecting…
Mar 25, 2023

Yani in InfoSec Write-ups
Enforce Zero Trust With East‑West Traffic Encryption in Kubernetes with Istio — Part 2
In part 1, we have gone over concepts of East-West traffic encryption with Istio in Kubernetes. In this section, we will set up Istio…
Feb 2, 2023

Yani in InfoSec Write-ups
Enforce Zero Trust With East‑West Traffic Encryption in Kubernetes with Istio — Part 1
A typical enterprise’s infrastructure has grown increasingly complex, especially when they move from traditional monolithic software…
Jan 28, 2023

Yani
JNDI Injection Series: RMI Vector — The Final Piece of The Puzzle
In the previous three blogs (JNDI Injection Series: RMI Vector — Fundamentals, JNDI Injection Series: RMI Vector — Dynamic Class Loading…
Jan 11, 2023