cnbird2008-CSDN博客

关于大型互联网企业DevSecOps体系构建的总结与思考[1]https://apievangelist.com/2012/01/12/the-secret-to-amazons-success-internal-apis/[2]https://docs.aws.amazon.com/whitepapers/latest/introduction-devops-aws/two-pizza-teams.html[3]https://gist.github.com/terabyte/1...

2022-04-05 11:21:41 3850 1

原创 AWS Cognito

(Web-)Insecurity Blog | Flickr Account Takeoverhttps://security.lauritz-holtmann.de/advisories/flickr-account-takeover/本文主要是利用了Cognito配置错误的相关问题导致了被Account Takeover。

2022-03-27 17:02:31 532 1

原创 OpenID-OAuth2-JWT材料

Final: OpenID Connect Discovery 1.0 incorporating errata set 1Microsoft 标识平台身份验证库 | Microsoft DocsMicrosoft 标识平台和 OpenID Connect 协议 - Microsoft identity platform | Microsoft Docs安全令牌 | Azure - Microsoft identity platform | Microsoft Docs...

2022-02-05 22:18:24 409

原创 Azure And Google Vulnerability WriteUp

List of bug bounty writeups · Pentester LandGoogle VRP WriteUpGitHub - xdavidhu/awesome-google-vrp-writeups: ???? A list of writeups from the Google VRP Bug Bounty program

2022-01-30 11:19:20 544

原创 Azure AD Pentest Tips

dirkjanm.io

2022-01-18 08:35:15 391 1

原创 Microsoft CSEO内部团队信息安全保护

Microsoft 微软的网络安全保护https://www.microsoft.com/en-us/insidetrack/search?text=information+protectionhttps://www.microsoft.com/en-us/insidetrack/search?text=information+protection特权管理最佳实践：Improving security by protecting elevated-privilege accounts at .

2021-12-27 21:20:49 742

原创 Microsoft 365 CASB DLP

https://docs.microsoft.com/zh-cn/microsoft-365/compliance/information-protection?view=o365-worldwide

2021-09-01 20:56:26 400

原创 AWS Azure Google Cloud SOC Use Cases

https://docs.microsoft.com/en-us/azure/security-center/alerts-referencehttps://docs.aws.amazon.com/guardduty/latest/ug/guardduty_finding-types-ec2.html

2021-08-27 17:35:56 262

原创 Cloudflare + 远程浏览器隔离

https://blog.cloudflare.com/zh-cn/cloudflare-and-remote-browser-isolation-zh-cn/

2021-08-11 20:33:30 832

原创 Exchange 2019体系结构

https://docs.microsoft.com/zh-cn/exchange/architecture/architecture?view=exchserver-2019

2021-08-07 22:44:35 510

原创信创产业发展白皮书

http://eversec.com.cn/wp-content/uploads/2020/08/%E4%B8%AD%E5%9B%BD%E4%BF%A1%E5%88%9B%E4%BA%A7%E4%B8%9A%E5%8F%91%E5%B1%95%E7%99%BD%E7%9A%AE%E4%B9%A62021.pdfhttps://www.iyiou.com/analysis/202012231012727

2021-08-02 21:32:32 345

原创 Azure Active Directory PRT原理和对应的Bypass方式

https://www.secwise.be/en/how-to-bypass-mfa-in-azure-and-o365-part-1/https://docs.microsoft.com/zh-cn/azure/active-directory/devices/concept-primary-refresh-tokenhttps://docs.microsoft.com/zh-cn/azure/active-directory/authentication/concept-authent

2021-08-01 15:27:35 253

原创 Microsoft CIM WMI Provider

CIM WMIhttps://docs.microsoft.com/en-us/windows/win32/cimwin32prov/cim-wmi-provider

2021-07-18 10:08:48 239

原创 Strategy Tool: Amazon’s PR/FAQ

https://medium.com/intrico-io/strategy-tool-amazons-pr-faq-72b3e49aa167

2021-06-22 22:38:21 622

原创浅谈云安全技术以及安全架构亮点

https://mp.weixin.qq.com/s/6lPdiuWkVvdFe1ZOHI6BPQ

2021-06-20 10:23:43 446

原创云安全架构连载之三-超大型企业混合云安全架构最佳实践

https://mp.weixin.qq.com/s/xkeNxE99ORtVs9EOv0ellQ

2021-05-15 23:41:54 294

原创《鸟哥谈云安全》公众号两篇文档

云安全架构连载之一-Azure整体架构以及安全亮点详解https://mp.weixin.qq.com/s/QNBlsBJaWNXsZLEuNRQcvQ云安全架构连载之二-Azure云平台威胁检测详解https://mp.weixin.qq.com/s/Dffk-_TSCaR2SWVAIMCQUA

2021-03-24 15:50:19 810 1

原创 Inside the transformation of IT and operations at Microsoft

https://www.microsoft.com/en-us/itshowcase/inside-the-transformation-of-it-and-operations-at-microsoft#relatedcontent

2021-02-09 22:00:32 323

原创 Tensorflow Privacy

https://github.com/tensorflow/privacy

2020-12-12 16:54:40 1204

原创 Google网络+容器相关参考资料

Borg容器：https://zhuanlan.zhihu.com/p/140903645http://dockone.io/article/746https://ying-zhang.github.io/doc/EuroSys15_Borg_CN_Ying_201806.pdfhttps://ying-zhang.github.io/https://github.com/theanalyst/awesome-distributed-systemshttps://github.com

2020-12-08 16:59:00 344

原创 Microsoft Advanced Threat Analytics

https://docs.microsoft.com/en-us/advanced-threat-analytics/what-is-ata

2020-05-17 00:00:18 3013

原创 Azure AD攻防

https://www.synacktiv.com/posts/pentest/azure-ad-introduction-for-red-teamers.html

2020-05-16 22:54:24 3147

原创 Check Point Release Azure Cloud Security Vulnerability

https://research.checkpoint.com/2020/remote-cloud-execution-critical-vulnerabilities-in-azure-cloud-infrastructure-part-i/

2020-02-01 18:36:53 1635

原创 NSA Cloud Security

https://media.defense.gov/2020/Jan/22/2002237484/-1/-1/0/CSI-MITIGATING-CLOUD-VULNERABILITIES_20200121.PDFhttps://www.usenix.org/conference/woot19/workshop-program

2020-01-30 10:46:32 2622

原创 Aporeto Zero Trust

https://github.com/aporeto-inc/trireme-examplehttps://github.com/aporeto-inc/triremehttps://docs.aporeto.com/saas/concepts/

2020-01-28 19:10:53 1602

原创 OpenStack NFV Tacker

https://docs.openstack.org/tacker/latest/user/index.html

2019-12-05 20:25:01 4041

翻译 AWS Provable Security

https://d1.awsstatic.com/Security/pdfs/Model_Checking_Boot_Code_From_AWS_Data_Centers.pdfhttps://aws.amazon.com/security/provable-security/https://github.com/diffblue/cbmc

2019-06-14 19:54:20 1552

原创 Google I/O 2019 Video

https://www.youtube.com/playlist?list=PLOU2XLYxmsILVTiOlMJdo7RQS55jYhsMihttps://mybuild.techcommunity.microsoft.com/sessions?t=%257B%2522from%2522%253A%25222019-05-06T08%253A00%253A00-07%253A00%2...

2019-05-10 12:45:39 1421

原创 IBM Qradar UEBA Rules

https://www.ibm.com/support/knowledgecenter/SS42VS_7.3.2/com.ibm.UBAapp.doc/c_Qapps_UBA_rules_intro.html

2019-05-07 21:36:45 2755

原创 Financial Cyber Security

https://www.slideshare.net/AmazonWebServices/aws-summit-singapore-next-generation-securityhttps://www.federalreserve.gov/supervisionreg/srletters/sr1714.htmhttps://www.federalreserve.gov/sup...

2019-04-07 09:54:26 1487

原创 Cyber Security Summit Slide SANS

https://www.sans.org/cyber-security-summit/archives/

2019-04-07 09:53:02 1556

附件2 金融行业信息系统信息安全等级保护测评指南(报批稿)

ISO 27000中文系列

空空如也