Security & Networks
Posts on both networks and security (consolidated)
cancel
Showing results for 
Search instead for 
Did you mean: 

Forum Posts

More vulnerabilty fun, Halloween edition

Flaw in OAuth implementation for Grammerly and others; allows full account takeover.https://www.darkreading.com/remote-workforce/oauth-log-in-full-account-takeover-millions iPhone MAC address randomization hasn't ever worked. Turns out that while it ...

rlyons by Rising Star III
  • 219 Views
  • 1 replies
  • 0 kudos

Locating and updating curl and libcurl

 Whats everyone doing to evaluate and understand their device exposure on the curl and libcurl CVE? Ive got to the point where understanding if curl is present on the device only goes so far, as there are potentially 3rdparty apps that have/utilise t...

rodderz by Novitiate I
  • 316 Views
  • 1 replies
  • 0 kudos

Admin locked out!

When I try to login as admin my OTP-code says; Verification code was invalid or already used.It does not work. If I try to reset my password I need also an OTP code. I'm locked out and have no clue how to solve this.

FB991 by Novitiate I
  • 1379 Views
  • 3 replies
  • 0 kudos

Resolved! Printer access/security solutions in JumpCloud

Hello All,I recently joined an organization running JumpCloud. One of the challenges I'm trying to solution in the organization is printer access and security. I don't see anything in JC and wanted to bounce this off the group.What I'd like to do is ...

htgrimmi by Novitiate I
  • 504 Views
  • 2 replies
  • 0 kudos

LDAP mapping between JumpCloud and OpenDirectory?

We have a Mac mini acting as a FileMaker database server, and I need to add SSO logins for database users. For some reason, the JumpCloud agent won't install, so as a workaround I added the Jumpcloud LDAP server as a native directory service per http...

jlgtx by Novitiate II
  • 1838 Views
  • 6 replies
  • 0 kudos

device security apps

Hi, Just trying out JumpCloud, working well so far. Only issue we have so far is struggling to find anything within the portal to restrict users installing software from the internet. Eg firefox, putty can run directly from Downloads. How are people ...

deano by Novitiate II
  • 970 Views
  • 5 replies
  • 0 kudos

Tailscale SSO OIDC

Configuring a Tailscale SSO connection is pretty straightforward but there are a couple of gotchas to watch out for.  First, neither JumpCloud nor Tailscale consider each other a primary vendor so you have to use custom connections.  Second, Tailscal...

RNHurt by Novitiate III
  • 621 Views
  • 0 replies
  • 2 kudos

Integrating with Redox SSO

Just wanted to jot a few notes down for integrating SSO with Redox Engine.Steps:Create the SSO app in JC and accept the defaultsCheck the "Declare Redirect Endpoint" option - Redox requires thisACS URL: https://auth.redoxengine.com/saml2/idpresponseC...

RNHurt by Novitiate III
  • 246 Views
  • 0 replies
  • 2 kudos

Resolved! Does anyone have any experience with Bitwarden SSO?

We just upgraded our Bitwarden account to allow SSO integration and I'm having a bit of a tough time with it.  There are some docs for the SCIM integration with Bitwarden there is nothing for SAML.  JumpCloud has a "Bitwarden" SAML template so I thou...

RNHurt by Novitiate III
  • 935 Views
  • 1 replies
  • 0 kudos

Sentinel One and windows 11

I create a command in jumpcloud can install sentinel one on Windows 10 it does not need admin right for it to work.Now SentinelOne tell me that in Windows 11 this no longer the case I find it hard to believe that. But I figure I reach out to ask this...

Franco by Novitiate II
  • 1130 Views
  • 1 replies
  • 0 kudos

DHCP and DNS without a Domain Controller

The question of how to handle DCHP and DNS without a domain controller comes up during migrations to cloud directories. The answer is there are alternatives, and the DHCP server role shouldn't installed be on a DC anyway. This brings back a few harro...

JCDavid by Rising Star III
  • 1014 Views
  • 0 replies
  • 0 kudos

(How to) Get Passwords out of Your Browser

John Hammond, of Huntress fame, published a video detailing how it's possible to recover, decrypt and reveal passwords from Chrome. The attack vector will also work for Firefox. It requires access to an endpoint, so don't be too alarmed when you read...

JCDavid by Rising Star III
  • 519 Views
  • 0 replies
  • 0 kudos

JumpCloud logs to SentinelOne XDR

We use SentinelOne EDR and I just found out that we have XDR data ingestion with our plan, but are not using.  We can send pretty much any types of logs (so they say ...) to the XDR. Has anyone been sending their JumpCloud logs to SentinelOne XDR?   ...

SlimJim by Novitiate I
  • 456 Views
  • 0 replies
  • 0 kudos

Wazuh SIEM x JumpCloud

Hi Community ,Since JumpCloud does not notify on Directory Insights logs, Directory Insights can be integrated with any third-party SIEM tool as we already know.Wazuh is a free and open-source security platform that unifies XDR and SIEM protection fo...

Wazuh-Dashboard-JC.png

Directory Insight SIEM Integrations

Hey Folks,  As many of you might be wondering (or already asked ) about integrating SIEM solutions with JumpCloud logs - Directory Insights to be more specific, in order to centralise security event monitoring and management, @JuergenKlaassen had a w...

shawnsong_0-1678179635854.png shawnsong_1-1678179655741.png shawnsong_2-1678179677314.png shawnsong_3-1678179698083.png
shawnsong by Rising Star II
  • 1194 Views
  • 0 replies
  • 4 kudos

U.S. National Cybersecurity Strategy

This news cycle has a big drop: the Biden admin's national cybersecurity strategy. A friend worked on it and had this to say: "The strategy establishes an affirmative, values-driven vision for a secure cyberspace that creates opportunities to achieve...

JCDavid by Rising Star III
  • 574 Views
  • 0 replies
  • 1 kudos