Contexte
The first source is a technical report from the French National Cybersecurity Agency (ANSSI) detailing a surge in critical vulnerabilities affecting network edge devices like VPN gateways and firewalls between 2023 and 2024. It highlights how attackers, including state-sponsored groups, exploit these security briques to achieve persistent network access and lateral movement within information systems. The second source is the OpenID Connect Core 1.0 specification, which defines a standardized identity layer built upon the OAuth 2.0 protocol. It outlines the authentication flows and security tokens necessary for clients to verify user identities and exchange profile information in a REST-like manner. Together, these documents address different facets of cybersecurity: one focuses on the risks and defense of physical security infrastructure, while the other provides a formal framework for secure digital identity management.
Chapitres
0:00— Introduction à Discover 3600:35— Limites du mot de passe1:09— Trois familles d’authentification1:42— Risques et menaces concrètes2:15— Solutions de sécurité avancées
Sources
- CLOUD COMPUTING - CERT-FR - ANSSI
- EXFILTRATION DE DONNÉES DU SECTEUR SOCIAL : RETOUR D’EXPÉRIENCE DU CERT-FR
- FAILLES SUR LES ÉQUIPEMENTS DE SECURITE : RETOUR D’EXPERIENCE DU CERT-FR - ANSSI
- How to Evaluate Identity Governance & Administration (IGA) Systems - Saviynt
- NIST Update: Multi-Factor Authentication and SP 800-63 Digital Identity Guidelines - CSRC
- OpenID Connect Core 1.0 incorporating errata set 2
- Privileged Access Manager - Self-Hosted Architecture - CyberArk Docs
- System for Cross-domain Identity Management: SCIM
- User Authentication Specifications Overview - FIDO Alliance
- Zero Trust Maturity Model Version 2.0 - CISA