This week's articles
SCIM Hunting - Beyond SSO
Post diving into the core aspects of SCIM (System for Cross-domain Identity Management), and the insecure design issues often found while testing its implementations.
#attack
#saas
The cryptography behind passkeys
Post examining the cryptography behind passkeys, the guarantees they do or do not give, and interesting cryptographic things you can do with them, such as generating cryptographic keys and storing certificates.
#explain
|