Securing Data Pipelines: Privacy, Compliance, And Security-by-Design On AWS
This Blog Post is part of Building and Securing Data Pipelines: From Governance to Secure Implementation Series
Posts by Year
2025
Mapping Data Governance To AWS - Building a Secure DLP Pipeline
This Blog Post is part of Building and Securing Data Pipelines: From Governance to Secure Implementation Series
Designing A Data Pipeline Architecture That Embeds Governance & Security
This Blog Post is part of Building and Securing Data Pipelines: From Governance to Secure Implementation Series
Data Governance For Engineers - The 5 Pillars Every Secure Data Pipeline Needs
This Blog Post is part of Building and Securing Data Pipelines: From Governance to Secure Implementation Series
2017
Facebook’s Bug - Unauthorized access to credit/prepaid card details (limited) of any user
Description There are various Facebook products like Ads Manager, Business Manager, Messenger Payments, etc. which requires an user to add some payment metho...
2016
Facebook’s Bug - Delete any video from Facebook
The story I came across a note New: Videos in Comments! written by Bob Baldwin who works at Facebook. This note was about Facebook launching it’s new feature...
Facebook’s Bug - Fooling Graph Search to Bypass Privacy Restrictions & Extract Private
Description I was able to fool Facebook’s Graph Search and bypass privacy restrictions and extract sensitive information about user’s applications and pages....
2015
DropBox’s Critical Bug - App having ONLY access to App folder being able to post and enumerate files in/of any folder
Description Dropbox offers two Api’s …
Facebook’s API Bug - Exposure of unpublished links over graph api
Description The endpoint /me/links is undocumented. We cannot find documentation about how to deal with this endpoint. But combining few api calls we can cre...
Facebook’s API Bug - Add/Remove videos from video playlists using an user access_token with public_profile permissions
Description The endpoint /{videolist_id}/videos is undocumented. So, we cannot find any real documentation about this on developer’s site. But still using an...
Facebook’s API Bug - Delete a photo posted on a page using an user access_token withOUT manage_pages permissions
Description According to the documentation mentioned here (https://developers.facebook.com/docs/graph-api/reference/v2.3/photo#deleting), app can delete a ph...