NetSPI Blog

Jem Jensen
March 7th, 2017

Attacking SSO: Common SAML Vulnerabilities and Ways to Find Them

In this blog I’ll share some pointers that can be used when testing Single Sign-On (SSO) solutions that utilize SAML. The centralized nature of SSO provides a range of security benefits, but also makes SSO a high-profile target to attackers. The majority of SSO implementations I have seen in the past year pass SAML messages as […]