When it comes to digital certificates, the Subject Alternative Name (SAN) extension plays a crucial role in how modern systems authenticate and communicate securely. Although the Common Name (CN) field traditionally carried the hostname of a server, today it’s the SAN extension that browsers and applications actually pay attention to. In fact, industry standards have…
Author: jackfielduk
LLMs – what’s all the fuss about?
Large Language Models (LLMs) have become a cornerstone of modern AI, enabling sophisticated natural language understanding and generation at scale. These models underpin a growing ecosystem of intelligent applications — from DevOps automation to secure enterprise knowledge retrieval. Notable examples include GPT-5, Claude 3, and Gemini. The rise of Large Language Models (LLMs) is reshaping…
IAM vs PAM vs IGA – what is the difference?
Identity security is now a cornerstone of enterprise cyber defence, particularly in the UK where regulatory pressure and threat levels continue to rise. Security teams often hear three related but distinct terms: IAM (Identity and Access Management), PAM (Privileged Access Management), and IGA (Identity Governance and Administration). While they overlap, each addresses different layers of…
Kubernetes Self-Healing
Ensuring Application Reliability In today’s cloud-native environments, application uptime and reliability are critical. Kubernetes, the leading container orchestration platform, provides self-healing capabilities that automatically detect and recover from failures, ensuring minimal downtime and optimal performance. What is Kubernetes Self-Healing? Self-healing in Kubernetes refers to the platform’s ability to automatically restart, reschedule, or replace failed containers…
Terraform State
Terraform is a widely used Infrastructure as Code (IaC) tool that enables organizations to define and provision cloud infrastructure efficiently. A critical component of Terraform is its state file, which tracks resource configurations and relationships. Proper management of Terraform state is essential for maintaining infrastructure consistency and avoiding conflicts. MIC Solutions Ltd has the expertise…
Why JSON?
JSON (JavaScript Object Notation) is a lightweight data-interchange format that is easy for both humans and machines to read and write. It is widely used for data storage, configuration files, and exchanging data between web servers and clients. JSON is based on key-value pairs, making it highly efficient for representing structured data. How JSON Works…
Refresh JWTs are subject to compromise
Refresh JSON Web Tokens (JWTs) are a crucial part of maintaining user authentication sessions without requiring frequent logins. However, if not implemented securely, refresh tokens can become a major security risk. Here are some common ways refresh JWTs can be compromised: 1. Token Theft via Storage Vulnerabilities Storing refresh tokens improperly is one of the…
IP Spoofing
IP spoofing is a cyberattack technique in which an attacker manipulates the source IP address in network packets to appear as though they are coming from a trusted source. This deceptive practice allows attackers to bypass security measures, launch denial-of-service (DoS) attacks, and intercept sensitive communications. The objective of IP spoofing is often to initiate…
JWT
JSON Web token (JWT) is an open standard (RFC-7519) that defines a compact self-contained way for securely transmitting information between parties as a JSON object. The format is intended for use in space constrained environments, such as HTTP authorization headers and URI query parameters. JWTs encode claims transmitted as JSON objects contained as a payload…
ECDHE
ECDHE (Elliptic Curve Diffie-Hellman Ephemeral) is a cryptographic algorithm used for secure key exchange in network protocols like TLS (Transport Layer Security). Its main function is to enable two parties (e.g., client and server) to agree on a shared secret over an insecure network, without transmitting the secret itself. This fact almost alone has ensured…
MIC Solutions 