Identity and Access Management

Identity and Access Management | News, how-tos, features, reviews, and videos

InfoSec4TC Platinum Membership: Cyber Security Training Lifetime Access
Multifactor authentication  >  Mobile phone verification of a permission request for laptop login.

Person holding phone near a laptop while getting two-factor authentication info

Inactive accounts pose significant account takeover security risks

Inactive accounts that haven’t been accessed for extended periods are more likely to be compromised due to password reuse and lack of multifactor authentication.

searching, search bar

CyberArk’s enterprise browser promises zero-trust support, policy management

The identity security vendor is set to launch an enterprise browser in response to increasing post-MFA attacks on session cookies.

enter neon sign do not tresspass privacy authentication access barbed wire by clem onojeghuo unspla

Teleport releases Teleport 13 with automatic vulnerability patching, enhanced DevOps security

Teleport 13 features include Transport Layer Security routing and the ability to import applications/groups from Okta and AWS OpenSearch support for secure database access.

shutterstock 1748437547 cloud computing cloud architecture edge computing

Think security first when switching from traditional Active Directory to Azure AD

With the final release of Windows 10, the use of traditional Active Directory may be waning, and Azure AD on the rise. Here are some security concerns that need to be addressed when making the switch.

CSO > Password elimination [conceptual password security lock in a trash bin]

Majority of US, UK CISOs unable to protect company 'secrets': Report

The GitGuardian study found 75% of respondents have experienced a data leak involving company secrets, including API keys, usernames, passwords, and encryption keys, in the past.

cloud technology protection information cybersecurity indentity

Review your on-prem ADCS infrastructure before attackers do it for you

Attacks through Active Directory Certificate Services are fairly easy for bad actors to perform but basic vigilance and built-in Windows protections can help mitigate the risk of a breach.

Person holding phone near a laptop while getting two-factor authentication info

Google rolls out passkey support across accounts on all major platforms

Passkeys for Google Accounts are available now while Google Workspace administrators will soon be able to enable passkeys for their end-users.

cloud hand touch create access secure clouds reach tech job certification

Veza releases access security, governance solution for SaaS applications

Solution secures sensitive data in SaaS apps and integrates with 15 popular services including Salesforce, JIRA, GitHub, and Slack.

corporate security insider threat hacker spy cybersecurity human resources

Embracing zero-trust: a look at the NSA’s recommended IAM best practices for administrators

The US National Security Agency and CISA have published a set of guidelines to help secure systems from access- and identity-based threats. Here’s what to look for in this wide-ranging document.

'NO' symbol [circle-backslash] and raised hand against a background of passwords / passcodes

Circle Security debuts platform “purpose-built” to tackle credential-driven threats, cloud attacks

The new cybersecurity company's solution is available as a device-native service, a mobile app, browser-based, and via a developer-focused API.

1798109056 decision making ciso soc

Siemens focuses on zero trust, legacy hardware, supply chain challenges to ensure cybersecurity of internal systems

Siemens US chief cybersecurity officer Helen Negre discusses how the organization is focusing on zero trust to ensure the security of internal systems across its different lines of business.

zero trust security model secured network picture id1313494602 3

Xage’s new IAM offering provides multilayer authentication for ICS/OT

The multilayer IAM maps services from a user’s multiple identity and active directory providers onto different network layers of ICS/OT systems.

abstract face / digital identity

Daon’s TrustX to offer SaaS-based, no-code identity journeys

TrustX’s AI/ML-powered platform builds, authenticates, and manages identity journeys through no-code, drag-and-drop orchestration.

innovation co innovation startup venn overlapping partnering iot by pettycon via pixabay

19 startups to check out at RSA Conference 2023

Young vendors of identity and access management, application security, and third-party risk solutions dominate the list of startups exhibiting at RSA.

Conceptual image of a network labeled 'Zero Trust.'

CISA updates zero trust maturity model to provide an easier launch

The Cybersecurity and Infrastructure Security Agency updated its Zero Trust Maturity Model to include a new stage that could make it easier for organizations to transition to a zero-trust architecture.

password security - locked mobile phone in hand shows lockscreen

Inside-Out Defense launches privilege access abuse detection, remediation platform

SaaS platform complements other identity and access management, privilege access management, and custom identity solutions as cybercriminals prioritize stolen access credentials.

keys authentication

Default static key in ThingsBoard IoT platform can give attackers admin access

Admins unable to update to the patched ThingsBoard version can manually change the default signing key.

hacker stealing dollars bank cyber crime cybercrime money theft

Hackers steal crypto assets by defeating 2FA with rogue browser extension

The Rilide malware tricks victims into revealing their second-factor authentication to withdraw cryptocurrency in the background.

Load More
You Might Also Like