What defense recommendations does the article provide to prevent SAML certificate exploitation?
The article recommends applying security patches promptly to prevent attackers from gaining vCenter local administrator privileges in the first place, and avoiding leakage of vCenter backup files that might contain the data.mdb database with the IdP certificate.
---
**Related reading:**
- vSphere Development Guide 6 - vCenter SAML Certificates — original article
- Penetration Techniques - Deleting Single Windows Log Entries
- Penetration Technique: Remote Access to Exchange PowerShell
- Zimbra SOAP API Development Guide 2
---
**Related reading:**
- vSphere Development Guide 6 - vCenter SAML Certificates — original article
- Penetration Techniques - Deleting Single Windows Log Entries
- Penetration Technique: Remote Access to Exchange PowerShell
- Zimbra SOAP API Development Guide 2
defensepatchingbackup leakagevCenter securitySAML certificate