I hacked my company's SSO provider


I never thought I'd stumble across a previously-undiscovered vulnerability, much less one in security software. I love reading stories about how people find and report bugs, and how the companies react (preferably thankfully!).

I also admire the deep analytical skills required to deconstruct exploitable software, because I would give up long before some of these geniuses. Once upon an SSO engineering career, I was configuring a self-service portal that allowed our users (internal employees) to update some personal information for their account. The next part is thankfully anticlimactic: I put together an email with step-by-step reproduction instructions and gave it to my vendor's Customer Success Manager.
