Shlomo Zalman Heigh

icon indicating a website link https://www.linkedin.com/in/szheigh/ icon indicating an email [email protected]

icon company @cyberark @conjurinc icon location United States icon location Open Source Enthusiast. AppSec expert. Staff Software Engineer @cyberark

Results 239 comments of Shlomo Zalman Heigh

Update Threat_Modeling_Cheat_Sheet.md

Can you please provide some source material? I did a quick search for CI4A and found very few results. Is this an industry accepted standard? I agree Accountability is much...

New CS proposal: Reauthentication After Risk Events

Are we convinced this needs its own cheat sheet and can't be adequately covered in existing cheat sheets?

Conjur attempts to create .netrc file

Another workaround would be to add "credential_storage: none" to your .conjurrc file or set the environment variable "CONJUR_CREDENTIAL_STORAGE" to "none". Can you please try these and confirm it works?

Conjur attempts to create .netrc file

We're going to update the documentation to make this use case clearer. Thank you for your report. Tracking internally as CNJR-10891.

Fix broken tests by refershing materalized views

Is this still relevant @codihuston?

Authn jwt refactor v5

@jvanderhoof Can this PR be closed?

Support for Ephemeral Secrets

Hey @danquack, Thank you for the suggestion! We're considering it for inclusion in a future release.

Unmaintained?

Does anyone want to start a fork?

Update: Pinning Cheat Sheet

I agree that pinning should not be recommended for the majority of web applications. I think there's a place for it in specific instances where a high level of security...

Update: Help documentation on website

I'm not opposed to the idea.