Recruitment and knowledge question base. Filter, search and test your knowledge.
Threat modeling is a structured way to identify assets, threats, and mitigations by mapping actors, entry points, and trust boundaries. A lightweight model uses a quick data-flow diagram, lists likely threats (e.g., STRIDE), and prioritizes mitigations by risk.
Authentication proves who the user is (e.g., password, OAuth, MFA). Authorization decides what they can do (e.g., role can edit invoices). AuthN comes before AuthZ.
XSS injects scripts into a page; mitigate with output encoding and CSP. CSRF tricks a browser into sending a trusted request; mitigate with CSRF tokens and SameSite cookies. SSRF makes a server request internal resources; mitigate with allowlists and network egress controls.
Store passwords as salted, slow hashes (Argon2id, bcrypt, or scrypt). Never store plaintext or reversible encryption. Use per-user salts, optional pepper, and enforce strong password policies.
Least privilege means granting only the minimum permissions needed for a task and for the shortest time. In IAM it means scoped roles, separate accounts for services, and avoiding wildcard permissions.
Store secrets in a dedicated secrets manager (e.g., Vault, AWS Secrets Manager), inject them at runtime, and rotate regularly. Avoid hardcoding, keep least-privilege access, and audit secret usage in CI/CD logs.
JWTs are good for stateless APIs and service-to-service auth, but they’re hard to revoke and can grow large. Server-side sessions allow easy revocation and rotation and are better for web apps where you need control and short session lifetimes.
Use authentication, rate limits, quotas, and abuse detection (IP reputation, anomaly detection). Add request validation, WAF rules, and backpressure, plus monitoring and alerting for spikes.
Supply-chain risk is the chance that dependencies, build steps, or artifacts are tampered with. Mitigations include pinning versions, using SBOMs, verifying signatures, least-privilege CI, and monitoring for vulnerable dependencies.
Log auth events (login failures, MFA changes), privilege changes, access to sensitive data, and unusual traffic patterns. Monitor for spikes, geo-anomalies, and failed actions to detect abuse early and support incident response.