identity federation
2 posts
Article
The trust contract just broke
Pentagon threat elevation exposes the federated identity flaw: signature checks do not evaluate issuer state. Trust without re-validation is not control.
Article
Contractor pushed the boundary keys
A CISA contractor pushed AWS GovCloud admin keys to a public GitHub repo. The credential format, not the contractor, is the failed control.