Determining IaC ownership – a tag-based approach(token.security) Infrastructure as Code (IaC) is a major tool for creating scalable environments in the cloud. With a single command, you can create hundreds of accounts, servers, policies, and identities. It is a tough task to monitor identities, especially non-human identities (NHIs), but IaC-generated identities make it even harder.
13 points by todsacerdoti 20 days ago | 2 comments
IdentityServer4 Is Public Again(duendesoftware.com) Our Duende development team is committed to delivering the world’s most secure, standards-compliant, trusted identity solutions. While Duende IdentityServer is a fully supported and secure OpenID Connect and OAuth 2.0 framework for .NET Core, IdentityServer4 has been out of support for a long time. The older IdentityServer4 contains multiple known security vulnerabilities and bugs, and has outdated documentation.
A Letter to Okta(record.goshen.edu) Yes, it’s me. It has always been me, Okta, though I appreciate your concern. I guess I thought we would have established this relationship by now.
24 points by stefankuehnel 167 days ago | 10 comments
Auth Wiki(auth.wiki) Explore and find clear definitions of key glossaries related to authentication, authorization, and identity management. Work with open-standards like OpenID Connect, OAuth 2.0, and SAML.