all InfoSec news
Cross-Tenant Request Forgery Attack in Multi-Tenancy Environments - Albert Yu & Alan Bishop
Nov. 20, 2023, 10:23 p.m. | OWASP Foundation
OWASP Foundation www.youtube.com
Description
To build a SaaS application platform, most platform owners rely on integrations with more popular ecosystems such as Microsoft Azure, Google Workspace, Okta, Github, Atlassian Jira, etc. The industry has moved towards open standards like OAuth for access delegation, but there are several flavors (e.g. 3LO, 2LO, SPA) of OAuth and each flavor works in different scenarios. Some API access mandates a particular flavor of OAuth.
What's adding to the …
alan application atlassian attack azure build ecosystems environments etc forgery github google google workspace industry integrations jira microsoft microsoft azure multi-tenancy oauth okta open standards platform popular request saas saas application standards workspace
More from www.youtube.com / OWASP Foundation
OWASP 2024 Global AppSec Lisbon -- Promo
5 days, 10 hours ago |
www.youtube.com
Meet OWASP Top 10 for LLM Apps at RSA!
1 month, 1 week ago |
www.youtube.com
Jobs in InfoSec / Cybersecurity
Information Security Engineers
@ D. E. Shaw Research | New York City
Technology Security Analyst
@ Halton Region | Oakville, Ontario, Canada
Senior Cyber Security Analyst
@ Valley Water | San Jose, CA
COMM Penetration Tester (PenTest-2), Chantilly, VA OS&CI Job #368
@ Allen Integrated Solutions | Chantilly, Virginia, United States
Consultant Sécurité SI H/F Gouvernance - Risques - Conformité
@ Hifield | Sèvres, France
Infrastructure Consultant
@ Telefonica Tech | Belfast, United Kingdom