Category: Cloud Security

Securing Microsoft Active Directory Federation Server (ADFS)

Many organizations are moving to the cloud and this often requires some level of federation. Federation, put simply, extends authentication from one system (or organization) to another. Gerald Steere (@Darkpawh) and I spoke about cloud security at DEF CON in July 2017. Presentation slides and video are here: “Hacking the Cloud” One of the key …

Continue reading

Configuring Two-Factor Authentication for Web (Cloud) Services

Don’t want your web (cloud) account password to get hacked? Enable Two-Factor Authentication (aka two-step verification)! Google Account: Visit this site and follow the instructions to configure your cell phone as a second factor Step 1:  You’ll enter your password Whenever you sign in to Google, you’ll enter your password as usual. Step 2:  You’ll …

Continue reading