API Clients Permission Levels
In a zero-trust world, we limit the level of access to our resources. This is already the case for your domain users, and it should also be the case for every API client.
From the earliest versions, the Secure Access Cloud team insisted on mirroring all of the capabilities available in the Application and Admin portal to the API.
This is especially relevant when automating processes. Secure Access Cloud allows DevOps engineers to provide secure access to a newly created server quickly, easily, and with no human interaction: simply add the Secure Access Cloud Trust certificate to the golden image and write a small script that automatically publishes any SSH application. The same is true, and just as easy, for web applications. Once the application is created, all authorized users can use their existing identity in Secure Access Cloud to seamlessly access it. A good example can be found in knowledge base article TECH254768.
But should everyone be permitted the same level of access?
The above scenario requires full API access to the Secure Access Cloud management portal, but consider the following:
A customer needs to provide a secure method of connecting to their SOAP/REST API application. This is a standard application, so the case is equivalent to authorizing a user to access an application through the application portal; it should not allow the user to access the admin portal.
You can see a good example of this flow, with step-by-step guidance, in TECH254811.
The last scenario to consider is monitoring and data analysis. A customer that needs information about usage, health, or anything else stored in the Secure Access Cloud database regarding applications, users, and assignments can easily build a query from API “GET” requests. This is a hybrid state: the API client is authorized to access the management API but cannot change any of the configuration.
Following the above, it’s my pleasure to introduce the new Secure Access Cloud read-only API access.
Today, when creating an API client, you can choose the level of access that client will receive. This eliminates unwanted risk and unplanned mistakes, and provides a way to maintain the least-privilege approach when a client only needs to query the Secure Access Cloud management API.
Under Settings, API Clients, click the Create button.
After providing a meaningful name and description, you will need to select the API level of permission:
- Don’t allow access to Secure Access Cloud management API – allows the admin to assign the API client access to any application in the application portal, and nothing more.
- Allow read-only access to Secure Access Cloud management API – allows the API client to execute “GET” requests only, reflecting what is happening in Secure Access Cloud without the ability to change any of the configuration.
- Allow full access to Secure Access Cloud management API – full admin privileges.
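As an added illustration (not the product’s own code), the following Python models the three permission levels above as a single policy check and runs it over constructed sample traffic from a monitoring client; the management API path prefix and the request shape are assumptions for this example.

```python
from enum import Enum

# Illustrative model of the three permission levels described above. The path
# prefix and the request shape are assumptions for this example, not the
# product's real API.
MANAGEMENT_API_PREFIX = "/management/"  # hypothetical management API root


class ApiClientLevel(Enum):
    NO_MANAGEMENT = "no_management"  # application portal access only
    READ_ONLY = "read_only"          # management API, GET requests only
    FULL = "full"                    # full admin privileges


def is_request_allowed(level: ApiClientLevel, method: str, path: str) -> bool:
    """Decide whether an API client at `level` may send `method` to `path`."""
    method = method.upper()
    if not path.startswith(MANAGEMENT_API_PREFIX):
        # A published application, not the management API: every level may
        # reach it; which applications are assigned is decided elsewhere.
        return True
    if level is ApiClientLevel.FULL:
        return True
    if level is ApiClientLevel.READ_ONLY:
        # Read-only clients may observe state but never change configuration.
        return method == "GET"
    # NO_MANAGEMENT (or any unknown level) is denied on the management API.
    return False


def audit_requests(level, requests):
    """Return (method, path, allowed) for each request, e.g. for a review log."""
    return [(m, p, is_request_allowed(level, m, p)) for m, p in requests]


# Constructed sample traffic from a monitoring client that should only read.
SAMPLE_REQUESTS = [
    ("GET", "/management/applications"),
    ("GET", "/management/users"),
    ("POST", "/management/applications"),      # would create config: denied
    ("DELETE", "/management/assignments/42"),  # would remove config: denied
    ("POST", "/apps/soap-service/endpoint"),   # published app, not mgmt API
]

if __name__ == "__main__":
    for method, path, allowed in audit_requests(ApiClientLevel.READ_ONLY, SAMPLE_REQUESTS):
        print(f"{'ALLOW' if allowed else 'DENY ':5} {method:6} {path}")
```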
We are working towards more granular Role-Based Access Control (RBAC) for API clients and would like to hear your use cases and needs. Reply below with suggestions and we will review and consider each and every one.
Thank you for taking the time and helping us improve our product.