Best of Authentication: April 2022

  1. Article
    ByteByteGo·4y

    Flowchart of how Slack decides to send a notification

    Slack has published 26 articles over the past two weekends to go through. In this newsletter, we will talk about the following: a flowchart of how Slack decides to send a notification; orchestration and choreography; how to design secure web API access for your website; and how Amazon builds and operates software.

  2. Article
    InfoSec Write-ups·4y

    BITB (browser in the browser) Attack

    A BITB attack is an advanced, more sophisticated phishing attack that can trick users into believing the fake website is real. A BITB (browser in the browser) attack makes phishing nearly undetectable using the right CSS and JS. Since this attack is based on HTML code, it is hard to detect, and it is difficult to create an indicator of compromise (IOC) for it.

  3. Article
    freeCodeCamp·4y

    How WebAuthn Authenticates Users Without a Password

    WebAuthn is an API that enables strong authentication with public-key cryptography. It lets you implement passwordless authentication and/or secure second-factor authentication without SMS texts. WebAuthn works hand in hand with other industry standards such as Credential Management Level 1 and FIDO 2.0 Client.

  4. Article
    Permit.io·4y

    Real-time dynamic authorization - an introduction to OPAL

    OPAL is an open-source administration layer for Open Policy Agent (OPA) that allows you to easily keep your authorization layer up-to-date in real-time. OPAL detects changes to both policy and policy data and pushes live updates to your agents - bringing open policy up to the speed needed by live applications.