People didn't understand what we were talking about 3 years ago. Remember #Golden #SAML from 2017? @gentilkiwi @TalBeerySec @ShakReiner @CyberArk Here it is: cyberark.com/resources/threa… [Nov, 2017] #Innovation

7:45 PM · Dec 22, 2020

1
13
41
1/3 Per the "Golden SAML" technique (rogue offline token issuance with stolen certificate)in #SUNBURST post exploitation. Would a "Token Transparency" ("TT") solution a-la #SSL "Certificate Transparency" (by @agl__ ) to prevent make sense? certificate-transparency.org… #GoldenSAML
Show this thread
0
0
1