I’m Not A Robot!

May 18, 2019

Table of Contents

I’m Not A Robot!

There is no one way to secure your API that fits all situations. But, you can learn the schemes, study how the biggest social networks are dealing with it and find out the industry standard; then apply it to your project in the way you see fit. At the end of this article, you’ll have a clear understanding of the different schemes.

I won’t go in depth on these here but I’ll do a deep dive on OAuth, the most widely used authorization framework, another time.

Source: towardsdatascience.com

Tags :

comments powered by Disqus

Vault Learning Resources: 1.0, Auto-unseal, Agent, Kubernetes

Learn from hands-on labs to build proficiency with Vault 1.0, auto-unseal, Kubernetes, and other secrets management features.

Detecting the Kubernetes API server DoS vulnerability (CVE-2019-1002100).

Recently, a new Kubernetes related vulnerability was announced that affected the kube-apiserver. This was a denial of service vulnerability where authorized users with write permissions could overload the API server as it is handling requests. The issue is categorized as a medium severity (CVSS score of 6.5) and can be resolved by upgrading the kube-apiserver to v1.11.8, v1.12.6, or v1.13.4.

DNS over TLS: Encrypting DNS end-to-end

As a first step toward encrypting the last portion of internet traffic that has historically been cleartext, we have partnered with Cloudflare DNS on a pilot project. This pilot takes advantage of the benefits of Transport Layer Security (TLS) — a widely adopted and proven mechanism for providing authentication and confidentiality between two parties over an insecure channel — in conjunction with DNS. This solution, DNS over TLS (DoT), would encrypt and authenticate the remaining portion of web traffic.

I’m Not A Robot!

Tags :

Share :

Related Posts

Vault Learning Resources: 1.0, Auto-unseal, Agent, Kubernetes

Detecting the Kubernetes API server DoS vulnerability (CVE-2019-1002100).

DNS over TLS: Encrypting DNS end-to-end