Access Control

Access Control | News, how-tos, features, reviews, and videos

Security threat [illustration]  >  A hacker with black hat, mask, and crowbar breaks into a laptop.
Two developers collaborate on a project as they review code on a display in their workspace.

Conceptual image of a network labeled 'Zero Trust.'

Beyond Identity launches Zero Trust Authentication to align verification with zero-trust principles

Zero Trust Authentication is designed to negate the shortcomings of traditional authentication methods with features including passwordless capability and phishing resistance.

passwords / passcodes

ReversingLabs adds new context-based, secret-detection capabilities

The software supply chain security tool will host new secret-detection capabilities through the command-line interface to help developers prioritize remediation efforts.

Conceptual image of a network labeled 'Zero Trust.'

What is zero trust? A model for more effective security

As the security model becomes the preferred security strategy, it’s worth looking at what it is and what it takes to achieve.

Person holding phone near a laptop while getting two-factor authentication info

Booking.com account takeover flaw shows possible pitfalls in OAuth implementations

Avoid these simple mistakes when setting up OAuth for third-party authentication to block unauthorized account access.

Two developers / programmers collaborate as they review code via laptop display.

Entitle debuts with automated SaaS permissions-management application

Israel-based cybersecurity startup Entitle's namesake application is designed to automate access requests and grants by delegating approval decisions to business owners instead of IT and devops teams.

facial recognition - biometric security identification

Alcatraz AI streamlines facial recognition access control with mobile update

Alcatraz AI is offering web-based mobile enrollment and privacy consent management to optimize the onboarding process for its facial recognition building security system.

Person holding phone near a laptop while getting two-factor authentication info

Descope launches authentication and user management SaaS

Descope’s first product allows developers to build authentication and user management functions in applications.

cloud hand touch create access secure clouds reach tech job certification

Cohesity Data Cloud 7.0 enhances privileged access authentication, ransomware recovery

Vendor announces the 7.0 software release of its Cohesity Data Cloud platform with a focus on “data-centric” cyber resilience.

social engineering fraud impersonation neon face with hoodie by photo by sebastiaan stam on unsplash

Threat actors abuse Microsoft’s “verified publisher” status to exploit OAuth privileges

Proofpoint discovers threat actors targeting verified status in the Microsoft environment to abuse OAuth privileges and lure users into authorizing malicious apps.

Many keys, one lock  >  Brute-force credential stuffing.

How passkeys are changing authentication

Well-implemented passkeys can improve the user experience and make it harder for cybercriminals to launch phishing and other attacks.

metaverse

The metaverse brings a new breed of threats to challenge privacy and security gatekeepers

If your organization isn’t already moving into the metaverse, it soon will be. Be warned: today’s security protocols and privacy laws may not apply to 3D worlds.

Impersonation / disguise / fraud / false identity / identity theft

Study shows attackers can use ChatGPT to significantly enhance phishing and BEC scams

Researchers demonstrate how attackers can use the GPT-3 natural language model to launch more effective, harder-to-detect phishing and business email compromise campaigns.

access control / authentication / privileges / security / key

Why it might be time to consider using FIDO-based authentication devices

Access codes sent by SMS or authenticator apps can be bypassed by clever phishing. Hardware-based tokens make that harder to do.

byod mobile tablets smartphones users devices

How acceptable is your acceptable use policy?

If users resent, fear, or ignore policies around the use of corporate resources, it may be time for a different approach that incentivizes rather than punishes.

Conceptual image of a network labeled 'Zero Trust.'

Athletic shoe maker Brooks runs down cyberattacks with zero-trust segmentation

Protecting the most vital areas of the network first is a practical, doable defense, Brooks found when it implemented Illumio Core’s zero-trust segmentation platform.

Multi-factor authentication (MFA) / two-factor authentication (2FA) / one-time security code

8 top multi-factor authentication products and how to choose an MFA solution

Learn the key considerations when choosing an MFA solution and why these top picks are worth a look.

Multifactor authentication  >  A mobile phone displays a digital key to a lock on a user's laptop.

Top considerations when choosing a multi-factor authentication solution

Choosing the right MFA solution for a Microsoft environment that covers all authentication needs will reduce stress on your IT admins and help desk.

Conceptual image of a network labeled 'Zero Trust.'

How legacy tech impedes zero trust and what to do about it

Old perimeter-based defenses can throw up roadblocks to implementing a zero-trust strategy, but a measured, phased approach will see you through.

Load More
You Might Also Like