Learn SAML: The Language You Don t Know You re Already Speaking
Security Assertion Markup Language, a protocol most people use daily to log into applications, makes authentication easier for both admins and users. Here s what you need to know about SAML (and what it has to do with GoldenSAML ).
Security Assertion Markup Language (SAML): You may have heard of it. You ve likely used it at least once today to log into a website portal or enterprise application. But what is SAML? How does it work? And why do you need to know about it?
(Source: Mykyta via Adobe Stock)
What Is SAML?
MicroStockHub / Getty Images
The SolarWinds/Solorigate attacks used some concerning methodologies. One of them has been what is called the Golden SAML attack process. Security Assertion Markup Language (SAML) enables the exchange of authentication and authorization information between trusted parties. The Golden SAML technique allows attackers to generate their own SAML response to gain access or control. To do so, they must first gain privileged access to a network to access the certificates used to sign SAML objects.
You have several means with Microsoft’s Active Directory (AD) to identify this and other techniques used in the SolarWinds attack and prevent them from happening. Firms like Trimarc Security have released PowerShell scripts to analyze and review your AD infrastructure. They provided a script for simple single AD environments to perform a review process. The script looks for key issues in an AD domain that could limit or reduce the security posture