Skip to content

Posts by

Michael Stepankin


mTLS: When certificate authentication is done wrong

In this post, we'll deep dive into some interesting attacks on mTLS authentication. We'll have a look at implementation vulnerabilities and how developers can make their mTLS systems vulnerable to user impersonation, privilege escalation, and information leakages.