In the agile world, where continuous iteration of development and testing happens throughout the SDLC (software development lifecycle), where there is constant collaboration with stakeholders and continuous improvement at every stage, and where features are developed at a rapid pace, the chances of potential security loopholes become more and more real.

This is especially true in the startup world. Swift development, where more code is written and more releases are made, always introduces even more unknown dependencies and vulnerabilities at each step. …

It looks like this year holds great promise; at least the start is good. Already 3 bug bounties in the pipeline (just showing off :P), and I learned a nice methodology which gave me the opportunity to write and share this writeup with everyone. The best thing about being a part-time bug bounty hunter is the learning it gives.

Besides working as a security engineer, if you are also a part-time bug bounty hunter, then always try to implement the learnings you get from it, the defense mechanisms, in your full-time job wherever possible, and also give…

Hi Guys,

So, after a gap of around 8 months, I recently did some bug hunting with the hope that I could learn something and that it would eventually fetch me a decent reward. This blog will cover not only the vulnerabilities I was able to find but also drill into the specific tools that helped me here. As the title suggests, this is a tale of not one or two but three vulnerabilities chained together, leading to account takeover. Let’s get into the details —

As everything starts with a bit of recon, I ran a…

The increased adoption of containers has given rise to a wide range of potential threats to microservice applications that run in containers. If your organization runs its workloads on containers, this blog is targeted at you. It is about how to secure containers effectively, not just by following a structured and more specific threat modeling approach, but by introducing tools at different stages of the model to prevent container security issues before you actually ship them.

Threat modeling is a structured process through which IT pros can identify potential security threats…


Security shouldn’t be treated as an after-thought

When it comes to security, we always treat it as the utmost priority. We strongly believe that “Security shouldn’t be treated as an after-thought”; it should be brought as close to engineers, and as early in the SDLC, as possible.

Aside from following the general guidelines put forth in the CIS benchmarks for all-round information security, we have automated infrastructure scans for audit and compliance, automated penetration tests including both DAST and SAST, manual pen-testing as well, and strong firewalls at multiple layers.

We are immensely proud of the infrastructure security that we have been able to build, but there is much…

Work-from-home culture slowly becoming a norm

With work-from-home culture slowly becoming the norm, IT companies around the globe are bringing various new developments to their team engagement tools to cater to such needs, and also to compete with the ever-increasing popularity of Zoom.

Zoom has recently come under the radar, with hackers exploiting various misconfigurations in the tool, which has shifted concerns toward its loosely tied security and privacy controls. While Zoom is being heavily criticized for the security concerns being highlighted, other platforms such as Google Meet, Microsoft Skype, etc. are using this opportunity to promote their products…

Never leave your Docker registry publicly exposed! Recently, I have been exploring Docker a lot in search of misconfigurations that organizations inadvertently make, ending up exposing critical services to the internet. In continuation of my last blog, where I talked about how leaving a Docker host/Docker API public can leak critical assets, here I’ll be emphasizing how Shodan led me to dozens of “misconfigured” Docker registries and how I penetrated one of them.

Refining Shodan Search

I tried a couple of search filters on Shodan to find publicly exposed Docker registries -

  1. port:5001 200 OK
  2. port:5000 docker…

Never leave your Docker host publicly exposed!

For the last couple of months, I have been exploring various concepts of container security, both from the perspective of attacking a container and of defending it. Containers have already taken a big share of the market. According to Docker, over 3.5 million applications have been placed in containers using Docker technology, and over 37 billion containerized applications have been downloaded. One of the biggest advantages it brings is modernizing traditional apps, whether they have a monolithic or a microservices architecture. Moving to containerized applications brings its own security risks. I will be discussing in detail the various attack and defense…
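The two Docker posts above (the exposed registry found through Shodan, and the exposed Docker host/API) both hinge on the same practical question: did the port that answered actually hand out an unauthenticated Docker API, or was the Shodan match just any service returning `200 OK`? The following is an added example, not the author's tooling or output from the posts. It classifies the response to `GET /v2/` on a suspected registry (the Registry HTTP API V2 always sets the `Docker-Distribution-Api-Version: registry/2.0` header; a `401` with `WWW-Authenticate` means authentication is enforced, a `200` means anonymous access works), parses `/v2/_catalog`, and classifies `GET /version` on a suspected Docker Engine API. All sample responses are constructed for the example; the hostnames in them are placeholders.

```python
"""Added example: triage what a suspected Docker registry (port 5000/5001) or
Docker Engine API (port 2375) actually returned, so a Shodan hit on
"port:5000 200 OK" is not mistaken for an open registry. Standard library only;
the sample responses below are constructed, not captured from a real host."""
import json
from typing import Dict, List, Mapping, Tuple

# Every Registry HTTP API V2 response carries this header, value "registry/2.0".
REGISTRY_HEADER = "docker-distribution-api-version"

Response = Tuple[int, Dict[str, str], str]  # (status, headers, body)


def classify_registry(status: int, headers: Mapping[str, str], body: str) -> str:
    """Interpret a response to GET /v2/ on a suspected Docker registry.

    'open'          -> API root answered 200 with no credentials supplied
    'auth-required' -> 401 plus WWW-Authenticate: the registry enforces auth
    'not-registry'  -> no registry header at all (e.g. a web server on :5000)
    'unknown'       -> registry header present but an unexpected status
    """
    h = {k.lower(): v for k, v in headers.items()}
    if not h.get(REGISTRY_HEADER, "").startswith("registry/2.0"):
        return "not-registry"
    if status == 200:
        return "open"
    if status == 401 and "www-authenticate" in h:
        return "auth-required"
    return "unknown"


def classify_engine(status: int, body: str) -> str:
    """Interpret a response to GET /version on a suspected Docker Engine API.

    An unauthenticated 200 carrying the engine's version JSON means anyone who
    can reach the port can also list and create containers on that host.
    """
    if status != 200:
        return "not-exposed"
    try:
        info = json.loads(body)
    except ValueError:
        return "not-exposed"
    if isinstance(info, dict) and {"ApiVersion", "Version"}.issubset(info):
        return "open"
    return "not-exposed"


def catalog_repositories(body: str) -> List[str]:
    """Parse the body of GET /v2/_catalog: {"repositories": ["name", ...]}."""
    data = json.loads(body)
    repos = data.get("repositories", []) if isinstance(data, dict) else []
    return [r for r in repos if isinstance(r, str)]


# --- constructed sample responses (assumptions for this example) -------------
OPEN_REGISTRY: Response = (
    200,
    {"Docker-Distribution-Api-Version": "registry/2.0",
     "Content-Type": "application/json; charset=utf-8"},
    "{}",
)
AUTH_REGISTRY: Response = (
    401,
    {"Docker-Distribution-Api-Version": "registry/2.0",
     "Www-Authenticate": 'Bearer realm="https://auth.example.test/token",'
                         'service="registry.example.test"'},
    '{"errors":[{"code":"UNAUTHORIZED","message":"authentication required"}]}',
)
PLAIN_WEB_SERVER: Response = (200, {"Server": "nginx"}, "<html>OK</html>")
ENGINE_VERSION_BODY = ('{"Platform":{"Name":"Docker Engine - Community"},'
                       '"Version":"20.10.7","ApiVersion":"1.41","Os":"linux"}')
CATALOG_BODY = '{"repositories":["app/backend","app/frontend"]}'


def triage_samples() -> Dict[str, object]:
    """Run the classifiers over the constructed samples and collect verdicts."""
    return {
        "open_registry": classify_registry(*OPEN_REGISTRY),
        "auth_registry": classify_registry(*AUTH_REGISTRY),
        "web_server_on_5000": classify_registry(*PLAIN_WEB_SERVER),
        "engine_api": classify_engine(200, ENGINE_VERSION_BODY),
        "engine_api_denied": classify_engine(403, ""),
        "repositories": catalog_repositories(CATALOG_BODY),
    }


if __name__ == "__main__":
    for key, value in triage_samples().items():
        print(f"{key:>20}: {value}")
```

The point of the header check is that the `200 OK` filter in the Shodan queries above matches any HTTP service on the port; only the `Docker-Distribution-Api-Version` header tells you it is a registry, and only the status on `/v2/` tells you whether it is open. A registry that answers `auth-required` is configured correctly; one that answers `open` and then lists repositories from `/v2/_catalog` is the misconfiguration the post describes. Probe only hosts you are authorized to test.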

This blog is posted with the intention of being a wake-up call for the government to improve and strengthen its commitment to responsible data practices. It also helps to highlight the below-par security standards in the IT industry, bring attention to the importance of security, and spread awareness among companies and the government to take information security as seriously as any other branch. This blog is published after informing both the CERT-In and NCIIPC teams multiple times.

During my journey to spread security awareness among Indian tech companies, including the private and government sectors, and also in the wake of a recent…

A comprehensive blog by our security team explaining our in-house solution for dealing with DNS outages

Cloudflare is one of the most popular DNS and CDN service providers, currently used by over 16 million internet sites. Every day, these sites rely on Cloudflare’s services for performance enhancement, DDoS mitigation, and more.

We do too.

So when Cloudflare suffered multiple outages, it affected websites around the globe. And Grofers was no exception.

The first outage happened on 24th June, when the Cloudflare proxy went down. The second outage happened on 2nd July, and this time the WAF was down for about half an hour. As a result, websites around the globe suffered outages with 502 Bad Gateway errors.

Avinash Jain (@logicbomb)

Lead Infrastructure Security Engineer | DevSecOps | Speaker | Breaking stuff to learn | Featured in Forbes, BBC | Acknowledged by Google, NASA, Yahoo, UN etc.
