Matthew Kromalic’s Post

✅ Quickly modernize an application from #authenticating against a #legacyIdP to a modern cloud IdP, like #Okta, without the need to refactor the app ✅ Future-proof applications via identity abstraction to quickly add new post-modernization identity services such as #MFA, #Passwordless, #Identity Verification, and more ✅ Leverage automation to replicate the process at scale for all your applications and retire your #EOL legacy vendor contracts https://lnkd.in/gYXiUhBQ

DataCave is a new type of Password Manager. It is one of the most secure Personal DataBase / Password Managers available, because your data never leaves your DataCave App on your own phone (no centralised databases in the cloud!). Plus your data is encrypted with banking level security. DataCave never sees any your data, in fact it only holds your email address and your chosen names. This is less personal data than any other Password Manager holds. Added to that it is one of the the simplest, quickest and easiest to use. If you want to know more go to: DataCave.com If you value security and simplicity then Download the DataCave App today the link is here 👇: https://lnkd.in/eux7nUMt Enjoy ! #Passwords #passwordmanager #passwordsecurity #personaldatabase

Want to save on software costs while boosting security? Join us for our Identity Solutions webinar. 💼🔐 Learn how our Workforce Identity Cloud can streamline your operations. Don't miss out – register now 🛡️

Azure User-Assigned Managed Identity is very convenient. It allows you to define a a single managed identity instance that can be used for multiple resources. I see that this is used very poorly by Azure users for their apps. i.e. They assign very broad scoped managed identities to resources that don't need that level of access. Remember - this is equally bad (if not worse) than using broad scope user access assignment.

Simplify the app migration process on #AWS. TD SYNNEX encourages you to read this blog, which outlines 6 proven strategies you can leverage to make the app migration process easier. 💡

Hello LinkedIn community, Looking to enhance the security of your AWS app integration? Check out this comprehensive blog post providing valuable insights into strengthening security when using two-way trusts between your self-managed Microsoft Active Directory and your AWS Managed Microsoft AD for accessing AWS applications. The post covers practical information on configuring selective authentication, least privilege permissions, and more to bolster your Active Directory environment. Read the full blog post here: https://ift.tt/IP9HWmK #AWSDirectoryService #ActiveDirectory #AWSManagedMicrosoftAD #SecurityEnhancement #AWSIntegration #SelectiveAuthentication #LeastPrivilegePermissions

Securing Azure AD B2C API Connector (Function App) without Error. I was recently working with a customer who is using Azure AD B2C API Connector to enrich tokens with claims from external sources. They are using Azure Function App as the external source. As this setup demands, they exposed Azure Function App over public IP to work with B2C. But due to enterprise security restriction policy they must remove public endpoint from Function App and use private endpoints to VNET.   They thought of 2 options to expose the Function App securely over internet – using Azure API Management instance to a virtual network - external mode APIM in... #techcommunity #azure #microsoft https://lnkd.in/e8kQ2-hj

🔐 Understanding OAuth2.0 Authentication Flow 🔑 Ever wonder how apps like Facebook or Google allow you to log in to other services without sharing your password? That’s OAuth 2.0 in action! Here’s how it works: You (the resource owner) want access to some data (like your photos on a cloud service). The app (client) sends you to the authorization server (e.g., Google) to log in and give permission. Once you approve, the app gets a special access token, allowing it to access the data without your password. The app uses this token to request the data from the resource server (like Google’s API), keeping everything secure. OAuth 2.0 keeps your login info private while allowing apps to access only what you approve. Neat, right? Up Next(Tomorrow Post); "Top 4 Used Kubernetes Authorization_Modes". Stay tuned as I continue to share more insights, illustrations and tips from my DevOps journey! ~~~ Infographics - you most likely to remember what you visualized ~~~ ♻ Repost to help others find it, sharing is caring 💾 Save this post for future reference #OAuth2 #Authentication #APISecurity #CloudComputing

Understanding Single Sign-On (SSO) SSO is an authentication method that enables users to access numerous apps and services with a single set of credentials. https://cstu.io/660af2 #hosteddesktop #Virtualdesktop

Tutorial 📩 : Secure Azure Functions with Azure App Registration No one wants an Azure function in production to be accessible just from anywhere over the web, for example: Functions with http triggers We must ensure that only authorized entities can invoke or access them. Yes, Azure Functions lets you use secret keys to make it more difficult to access your function endpoints which can either be supplied as a query string parameter or a header parameter (x-functions-key) when calling the endpoints. This is not enough security. “While access keys provide some mitigation against unwanted access, you should consider other options to secure HTTP endpoints in production. For example, it's not a good practice to distribute shared secrets in a public app” - Microsoft. One way is to use the Microsoft Entra ID - Azure App Registration. https://lnkd.in/dcktfSgH #Azure #MicrosoftEntraID #AzureFunctions #