« Back to home

Google Cloud Authenticating to Google Cloud using Integrated Windows Authentication, workload identity federation, and SAML-POST

Previously, we explored two ways of authenticating to Google Cloud using Kerberos and NTLM credentials. Both ways involved authenticating to AD FS using Integrated Windows Authentication, and then using workload identity federation. But there’s a third way that we haven’t cover yet – and it involves using the SAML HTTP-POST binding. Continue »

Security Defining privileged access

Posted on

Privileged access is a term we commonly encounter in the realm of access management. The term seems pretty self-explanatory, but finding a good definition isn’t easy. Continue »

Cryptography What's inside a PEM file

Posted on

One of the more confusing aspects of dealing with public key cryptography is that there are so many different file formats. Let’s take a closer look at the most common one, PEM. Continue »

Security Demystifying AutoSelectCertificateForUrls syntax

When a web server requires mutual TLS authentication, the default behavior of web browsers is to show a dialog that lets us choose which client certificate we’d like to use. Chrome lets us suppress these prompts by using the AutoSelectCertificateForUrls policy. But documentation is scarce. Continue »