Hi, I’m Jan Brennenstuhl, a Software Engineer in Security, with focus on authentication and single sign-on. I have a foible for data breaches, account security and passwords. Ask me about OpenID Connect or web application security!
Latest Articles About Jan Brennenstuhl
Discover the power of Honeytoken in credential breach detection, and learn how they bolster defenses against authentication attacks from cybercriminals by improving threat detection.
I delve into the transformative potential of JWTs as one-time tokens, exploring their advantages, implementation considerations, and real-world use cases.
In this comprehensive guide I talk about key concepts of cybersecurity awareness training and defensive measures in context of whale phishing. Learn how AI and ML can support whaling prevention and understand why knowledge is our strongest weapon, and vigilance our constant ally.
Dive deep into the ocean of cyber security, exploring the insidious technique of whaling. Discover why understanding whaling in cyber security can make all the difference in safeguarding your organization from these crafty predators of the digital sea.
Discover the dark art of password spraying. Learn its inner workings and arm yourself with prevention tactics to safeguard your digital fortress. Defend against malicious attacks with this comprehensive guide.
The JSON Web Algorithms (JWA) standard provides definitions for several cryptographic algorithms. These algorithms enable a variety of purposes. In this article I'll introduce you to the essential ideas of JWA and outline how it helps to power e.g. OpenID Connect (OIDC).
Implementing JSON Web Key Sets (JWKS) is crucial for organizations that want to leverage modern, decentralized authentication and authorization protocols. In this article I discuss the purpose of JWKS, guide you though their technical specification and outline benefits as well as best-practices to securely exposing public key material.
Have you ever wondered about the intricacies of JSON Web Encryption Standards? Get ready to decode the enigma with this deep dive into JWE Tokens. Gain insightful knowledge and grasp common data security use cases.