https://themissingturtle.com/blog/programming/ Recent content in Programming on 🐢 VT Hugo en-us Sun, 19 Dec 2021 21:30:24 +0700 https://themissingturtle.com/heavy-keeper/ Sun, 19 Dec 2021 21:30:24 +0700 https://themissingturtle.com/heavy-keeper/ <p>In my company, the team I&rsquo;m working in is responsible for authentication and authorization. For that, the system is constantly targeted by suspicious users.</p> <p>For example, we were once experienced an attack wave where a random dude tried to brute-force our customers password.</p> <p>These kind of attacks can be mitigated by adding rate-limiting and captcha in front of the API. We also log those events and use Graylog to analyze the data so the Security team can react to when they see a suspicious action.</p>