Securing the SPIFFE (Secure Production Identity Framework for Everyone) SPIRE (the SPIFFE Runtime Environment) servers (a crown jewel)

How does one secure the SPIFFE (Secure Production Identity Framework for Everyone) SPIRE (the SPIFFE Runtime Environment) server given the importance of the SPIRE Server in authenticating and attesting the workloads?
The SPIRE Server is th…

Securing WebAssembly/WasmEdge – any 0-day exploits so far and DevSecOps pipelines targeted at WebAssembly?

I am looking to deploy WebAssembly at scale in production. Before I do so, I would like to know if there have been any 0-day exploits so far and if there are DevSecOps tool pipelines specifically targeted at WebAssembly.


Instead of waiting for zero-day exploits to happen, how to preemptively find zero-day vulnerabilities in order to deter zero-day exploits?

Instead of waiting for zero-day exploits to happen, how to preemptively find zero-day vulnerabilities in order to deter zero-day exploits? There has to be a better way.


Can an API endpoint running on K8S be breached to compromise the entire cluster? Were there ever such attacks?

Can an exposed API endpoint or web application hosted on K8S be breached to compromise the entire K8S cluster? Were there ever such attacks?
i.e., attacker compromises the Spring Boot based API with some /PUT, /POST calls which then co…

Working code for Grant Negotiation and Authorization Protocol (GNAP) for evaluation? Performance vs OAuth/OIDC

I understand that Grant Negotiation and Authorization Protocol (GNAP) is still in draft status at the IETF.
I am looking to evaluate GNAP and be the first to put it in production. Is there any working code for Grant Negotiation and Authorizati…

Authentication for blockchain nodes using SPIFFE/SPIRE to avoid rogue nodes [closed]

As a blockchain microservices developer, I observed that most, if not all, public blockchain nodes do not authenticate or authorise with each other before communicating.
If one may apply authentication to blockchain nodes using SPIFFE/SPIR…

Using Artificial Intelligence (AI) to detect unauthorized code modification to reduce and even stop zero-day exploits

Since the SolarWinds hack and the Hafnium attack involved some degree of unauthorized code modification (Orion DLL, creation of a web shell), is it possible to use Artificial Intelligence (AI) built into the very application (SolarWinds, Exchange Se…