-
Continue reading →: What is in NIST 2 Draft?
The NIST Framework has been widely used across organizations in different sectors. Now they have released the NIST 2 Draft. Let’s see what they have. Each organization have unique which results in different objectives and approach to the framework in managing the risk. This collectively creates the taxonomy and structure to…
-
Continue reading →: Securing Artificial Intelligence
Google, AWS and Azure are all heavily investing in AI and enhancing their AI capability at a faster pace. So, as security personnel, how do you keep up with it? Today’s blog helps you look at artificial intelligence through Application Security eyes. In modern app architecture, I would include…
-
Continue reading →: Microsoft Identity Platform – Part 3
In Part 1 and Part 2, we looked at the basics of identity (AuthN and AuthZ), how SAML and OAuth work, and how OAuth 2.0 works in conjunction with OpenID Connect. This week let’s see the different grant types of OAuth 2.0. There are four types: Authorization code, Authorization…
-
Continue reading →: Microsoft Identity Platform – Part 2
Let’s look at OAuth this week! Let’s assume we have a user and two websites (Website 1 and Website 2). The user is trying to access Website 2 via Website 1. In the Password Anti-pattern implementation, Website 1 stores/logs the user credentials, resulting in an insecure implementation. Website 1 can now use user…
-
Continue reading →: Microsoft Identity Platform – Part 1
For the next few weeks, I’ll go through the MS Identity Platform and share how applications can use the Platform to authenticate and authorize users. Microsoft Identity Platform components include Authentication. What is it? Authentication is the process of proving that you are who you say you are. Supported industry standard?…
-
Continue reading →: Implementing WAF in Azure
This week let’s see how to implement Azure WAF. Why do you need WAF? What is Azure WAF? How to implement WAF?
-
Continue reading →: Automation in AWS – Part 2
To illustrate automation, I will use EventBridge events along with an Automation document to stop the EC2 as soon as it has started. High-level plan: configure EventBridge child accounts to send events to the master account. Low-level plan: create Event Bus. In the Account ID, replace it…
-
Continue reading →: Automation in AWS
A couple of weeks ago, we saw how to use an Azure service to automate based on events. If you have not seen it, here is the link. Let’s see how you can automate it in AWS. In AWS, there are many different ways to automate, but one critical service is…




