I'm looking for examples of adding mutual auth to legacy tools to understand how other people have solved it.
* The thing itself can't be touched (blackbox of spaghetti code, can't even find the original developers, or third-party vendor that no longer exists)
* Is mission critical. The tool is responsible for major operations and revenue.
* Now needs access control for the tool. AuthN/Z, logging, you name it. Bring it from 1994 to 2024.
Does anyone have any examples of this being given as a directive? What did you do? submitted by /u/Pomerium_CMo
[link] [comments]
http://dlvr.it/T0zcCd
Full width home advertisement
Blog Archive
-
▼
2024
(445)
-
▼
January
(55)
- Project Manager without technical experience? I wo...
- Clicker — HackTheBox Machine Simple Writeup by Kar...
- IT, IS, Cybersecurity and/or InfoSec Audit
- Your Life in the Crosshairs of Cybersecurity Threats!
- Is hacking getting boring
- 5.7 Lab: Weak isolation on dual-use endpoint | 2024
- Top cybersecurity stories for the week of 01-22-24...
- How do you do Detection-as-Code?
- The art of learning bug bounty.
- SQL Injection on PostgreSQL
- How do you actually find bugs? (My 2 year experience)
- Does anyone know of a 3rd party vendor risk *monit...
- Making My First 10K by Hacking Open Source Targets
- Pivoting to pentesting/red teaming
- Login DoS — That requires simply sending a lot of ...
- Technology Consultant - Obsolescence and Security
- 52% of IT leaders will adopt GenAI tools for cyber...
- Top cybersecurity stories for the week of 01-15-24...
- Hydra Tryhackme: Walkthrough/Writeup
- AI is making cyber criminals dangerous with tools ...
- question for the younger folks in the 'biz, about ...
- Security tools behind Okta?
- Web Security Academy — Business Logic Vulnerabilit...
- The problem with most file encryption tools. A cas...
- SMTP Server (JAMES SMTP Server 2.3.2)
- Despite A Rise in Cyber Attacks, Many Users Still ...
- Aussie Small Business Owners – Join Our New Cybers...
- 3.2 Lab: File path traversal, traversal sequences ...
- Common obstacles to exploiting path traversal vuln...
- Seeking Insights from UK Businesses Conducting Cyb...
- Windows Exploitation Learning Path in TryHackMe
- Few consumers adopt cybersecurity tools, despite p...
- A Beginner’s Guide to Bug Hunting: Your Passport t...
- How AI Tools Are Revolutionizing Cybersecurity in ...
- Automating the Detection of Malicious URLs
- Subdomain Bruteforce Tool
- New York State Plans to Give Some Cities Free Cybe...
- Blind boolean-based SQLi, by manipulating url
- How to build a DLP program from the ground up?
- Paid Subscriptions Resources which will be useful ...
- Week in review: 15 open-source cybersecurity tools...
- Massive Data Breach Unveiled by Orrick Law Firm, A...
- The Art of Shodan
- Cybersecurity posture for AI app: a viable busines...
- My first bugs in 2024
- Survey Surfaces Lack of Confidence in Existing Cyb...
- Adding mTLS to legacy tools?
- 2.6 Lab: Broken brute-force protection, IP block |...
- 15 open-source cybersecurity tools you'll wish you...
- Inventory of assets - what tooling do you use?
- My First Bug Bounty: Lessons Learned and Money Earned
- Cybersecurity Toolbox: 10 Essential Tools for Ever...
- From Disclosure to High Severity: Leveraging Dyte ...
- Penetration testing?
- Simple Subdomain Takeover
-
▼
January
(55)
Advertisement
LIVE CYBERTHREAT
Latest Trends
Contact Form
amcat question search
search Pentest tools
Total Pageviews
Search Blog
Copyright 2017, " Vpentest ". All rights Reserved.
| Designed by Colorlib
No comments:
Post a Comment