TL;DR: If your source code is written in Go and it uses one-way or mutual TLS authentication, you are vulnerable to CPU denial of service (DoS) attacks. The attacker can formulate inputs in a way that makes the verification algorithm in Go’s crypto/x509 standard library hog all available CPU resources as it tries to verify the TLS certificate chain the client has provided. To protect your services, upgrade immediately to Go v1.10.6 or later, or v1.11.3 or later.

The backend of the API Security platform by 42Crunch has been implemented using a microservices architecture, with the microservices written in Go. The microservices communicate with each other over gRPC and have a REST API gateway for external invocations. To ensure security, we follow the “TLS everywhere” mantra, extensively relying on mutual TLS authentication.
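To check whether a service was built with a fixed toolchain, the version thresholds above can be turned into a small test. This is an added example, not code from the original post or from 42Crunch; `HasX509Fix` and `leadingInt` are hypothetical names, and it assumes that release branches newer than 1.11 count as "later".

```go
package main

import (
	"fmt"
	"runtime"
	"strconv"
	"strings"
)

// leadingInt parses the leading decimal digits of s ("11rc1" -> 11).
func leadingInt(s string) (int, bool) {
	end := 0
	for end < len(s) && s[end] >= '0' && s[end] <= '9' {
		end++
	}
	n, err := strconv.Atoi(s[:end])
	return n, err == nil
}

// HasX509Fix reports whether a Go version string (runtime.Version() format,
// e.g. "go1.10.6") is at or above the fixed releases named in the article.
// ok is false for strings that are not release versions (e.g. "devel ...").
func HasX509Fix(version string) (fixed, ok bool) {
	fields := strings.Fields(version)
	if len(fields) == 0 || !strings.HasPrefix(fields[0], "go") {
		return false, false
	}
	parts := append(strings.Split(fields[0][2:], "."), "0", "0") // missing minor/patch = 0
	major, okMajor := leadingInt(parts[0])
	minor, okMinor := leadingInt(parts[1])
	patch, _ := leadingInt(parts[2])
	if !okMajor || !okMinor {
		return false, false
	}
	switch {
	case major != 1:
		return major > 1, true
	case minor == 10:
		return patch >= 6, true // 1.10 branch: fixed in 1.10.6
	case minor == 11:
		return patch >= 3, true // 1.11 branch: fixed in 1.11.3
	}
	return minor > 11, true // assumption: newer branches count as "later"
}

func main() {
	fixed, ok := HasX509Fix(runtime.Version())
	fmt.Printf("%s: recognised=%v fixed=%v\n", runtime.Version(), ok, fixed)
}
```

Pre-release strings such as `go1.11rc1` are treated as patch level 0 of their branch, so they are reported as not fixed.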