access management

The shift to identity-first security and why it matters

access management, Artificial Intelligence, BeyondID, CISO, cybersecurity, Don't miss, Features, Hot stuff, News /

The shift to identity-first security and why it matters 2025-04-07 at 08:10 By Mirko Zorz In this Help Net Security interview, Arun Shrestha, CEO at BeyondID, discusses how AI is transforming secure access management for both attackers and defenders. He discusses the shift toward identity-first security, and the role of contextual and continuous authentication in […]

React to this headline:

Loading spinner

The shift to identity-first security and why it matters Read More »

How CISOs can balance security and business agility in the cloud

access management, CISO, Cloud, cloud security, Cloudera, cybersecurity, Don't miss, Features, Hot stuff, News, opinion /

How CISOs can balance security and business agility in the cloud 2025-02-17 at 08:03 By Mirko Zorz In this Help Net Security interview, Natalia Belaya, CISO at Cloudera, discusses common misconceptions about cloud security, the balance between protection and business agility, and overlooked risks that CISOs should prioritize. Belaya also offers practical strategies for integrating

React to this headline:

Loading spinner

How CISOs can balance security and business agility in the cloud Read More »

Keycloak: Open-source identity and access management

access management, Don't miss, GitHub, Hot stuff, identity management, News, open source, software /

Keycloak: Open-source identity and access management 2024-12-12 at 06:04 By Help Net Security Keycloak is an open-source project for identity and access management (IAM). It provides user federation, strong authentication, user management, authorization, and more. Keycloak is based on standard protocols and supports OpenID Connect, OAuth 2.0, and SAML. Single Sign-On: Users authenticate through Keycloak

React to this headline:

Loading spinner

Keycloak: Open-source identity and access management Read More »

Active Directory compromise: Cybersecurity agencies provde guidance

access management, Active Directory, Don't miss, enterprise, guide, Hot stuff, identity management, intrusion detection, News, tips /

Active Directory compromise: Cybersecurity agencies provde guidance 2024-09-26 at 17:31 By Zeljka Zorz Active Directory (AD), Microsoft’s on-premises directory service for Windows domain networks, is so widely used for enterprise identity and access management that compromising it has become almost a standard step in cyber intrusions. “Active Directory is susceptible to compromise due to its

React to this headline:

Loading spinner

Active Directory compromise: Cybersecurity agencies provde guidance Read More »

How to detect and stop bot activity

access management, authentication, bot, cybersecurity, device fingerprinting, Don't miss, Expert analysis, Expert corner, Fingerprint, Hot stuff, News, opinion, strategy /

How to detect and stop bot activity 2024-09-20 at 07:46 By Help Net Security Bad bot traffic continues to rise year-over-year, accounting for nearly a third of all internet traffic in 2023. Bad bots access sensitive data, perpetrate fraud, steal proprietary information, and degrade site performance. New technologies are enabling fraudsters to strike faster and

React to this headline:

Loading spinner

How to detect and stop bot activity Read More »

Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488)

access management, AmberWolf, CVE, Don't miss, enterprise, Hot stuff, News, One Identity, vulnerability /

Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488) 2024-09-19 at 15:31 By Zeljka Zorz Researchers have released technical details about CVE-2024-45488, a critical authentication bypass vulnerability affecting One Identity’s Safeguard for Privileged Passwords (SPP), which could allow attackers to gain full administrative access to the virtual appliance. “Once an attacker has gained

React to this headline:

Loading spinner

Patch this critical Safeguard for Privileged Passwords auth bypass flaw (CVE-2024-45488) Read More »

Best practices for implementing the Principle of Least Privilege

access management, Artificial Intelligence, cybersecurity, Don't miss, Features, Hot stuff, machine learning, News, Opal Security, opinion, policy /

Best practices for implementing the Principle of Least Privilege 2024-09-09 at 07:02 By Mirko Zorz In this Help Net Security interview, Umaimah Khan, CEO of Opal Security, shares her insights on implementing the Principle of Least Privilege (PoLP). She discusses best practices for effective integration, benefits for operational efficiency and audit readiness, and how to

React to this headline:

Loading spinner

Best practices for implementing the Principle of Least Privilege Read More »

Misconfigurations and IAM weaknesses top cloud security concerns

access management, cloud computing, cloud security, Cloud Security Alliance, CSP, cybersecurity, News, report, supply chain /

Misconfigurations and IAM weaknesses top cloud security concerns 2024-08-12 at 06:02 By Help Net Security Traditional cloud security issues often associated with cloud service providers (CSPs) are continuing to decrease in importance, according to the Top Threats to Cloud Computing 2024 report by the Cloud Security Alliance. Misconfigurations, IAM weaknesses, and API risks remain critical

React to this headline:

Loading spinner

Misconfigurations and IAM weaknesses top cloud security concerns Read More »

How CISOs enable ITDR approach through the principle of least privilege

access control, access management, CISO, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity, News, Opal Security, opinion, regulation, threat detection /

How CISOs enable ITDR approach through the principle of least privilege 2024-07-25 at 07:31 By Help Net Security Somewhere, right now, a CISO is in a boardroom making their best case for stronger identity threat detection and response (ITDR) initiatives to lower the risk of intrusion. For a good reason, too: Look no further than

React to this headline:

Loading spinner

How CISOs enable ITDR approach through the principle of least privilege Read More »

Managing cyberattack fallout: Financial and operational damage

access management, Aspida, cyberattacks, cybersecurity, Data Protection, digital transformation, disaster recovery, Don't miss, Features, Hot stuff, News, opinion, penetration testing, Risk Management, strategy /

Managing cyberattack fallout: Financial and operational damage 2024-07-12 at 07:01 By Mirko Zorz In this Help Net Security, Ashley Harrington, Director of Cybersecurity at Aspida, discusses the impact of cyberattack on business operations and financial health. Beyond immediate disruptions and financial burdens, cyber incident can severely damage a company’s reputation among customers and partners. Can

React to this headline:

Loading spinner

Managing cyberattack fallout: Financial and operational damage Read More »

AWS unveils new and improved security features

access management, Amazon Web Services, cloud security, Compliance, Hot stuff, malware detection, MFA, News, security /

AWS unveils new and improved security features 2024-06-12 at 18:31 By Zeljka Zorz At its annual re:Inforce conference, Amazon Web Services (AWS) has announced new and enhanced security features and tools. Additional multi-factor authentication option To facilitate the concerted push to get customers to secure their accounts with multiple authentication factors, AWS has added support

React to this headline:

Loading spinner

AWS unveils new and improved security features Read More »

Strategies for combating AI-enhanced BEC attacks

access management, Artificial Intelligence, BEC scams, credentials, cybercrime, cybersecurity, Don't miss, Features, Hot stuff, News, opinion, remote working, scams, strategy, TeamViewer /

Strategies for combating AI-enhanced BEC attacks 2024-05-21 at 07:31 By Mirko Zorz In this Help Net Security interview, Robert Haist, CISO at TeamViewer, discusses how AI is being leveraged by cybercriminals to enhance the effectiveness of BEC scams. How is AI being leveraged by cybercriminals to enhance the effectiveness of BEC scams? BEC attacks are

React to this headline:

Loading spinner

Strategies for combating AI-enhanced BEC attacks Read More »

What is multi-factor authentication (MFA), and why is it important?

access management, authentication, BARR Advisory, cybersecurity, Don't miss, Hot stuff, MFA, password manager, passwords, Privacy, tips, Video /

What is multi-factor authentication (MFA), and why is it important? 2024-04-23 at 06:31 By Help Net Security Setting up MFA can seem daunting for consumers just beginning to clean up their security postures. In this Help Net Security video, Larry Kinkaid, Manager, Cybersecurity Consulting at BARR Advisory, shares tips for consumers who need simple, accessible

React to this headline:

Loading spinner

What is multi-factor authentication (MFA), and why is it important? Read More »

A critical vulnerability in Delinea Secret Server allows auth bypass, admin access

access management, Delinea, Don't miss, enterprise, Hot stuff, News, PoC, privileged accounts, vulnerability, vulnerability disclosure /

A critical vulnerability in Delinea Secret Server allows auth bypass, admin access 2024-04-15 at 14:46 By Zeljka Zorz Organizations with on-prem installations of Delinea Secret Server are urged to update them immediately, to plug a critical vulnerability that may allow attackers to bypass authentication, gain admin access and extract secrets. Fixing the Delinea Secret Server

React to this headline:

Loading spinner

A critical vulnerability in Delinea Secret Server allows auth bypass, admin access Read More »

Why are many businesses turning to third-party security partners?

access management, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, News, opinion, Privacy, professional, regulation, SaaS, SailPoint /

Why are many businesses turning to third-party security partners? 2024-04-10 at 08:03 By Help Net Security In 2023, 71% of organizations across various industries reported that their business feels the impact of the ongoing cybersecurity skills shortage. Many companies have been forced to scale back their cybersecurity programs as they struggle to find experienced candidates

React to this headline:

Loading spinner

Why are many businesses turning to third-party security partners? Read More »

Strategies for secure identity management in hybrid environments

access management, authentication, critical infrastructure, cyber hygiene, Don't miss, Features, Hot stuff, identity, identity management, News, Okta, password management, passwordless, strategy /

Strategies for secure identity management in hybrid environments 2024-04-09 at 07:02 By Mirko Zorz In this Help Net Security interview, Charlotte Wylie, SVP and Deputy CSO at Okta, discusses the challenges of managing user identities across hybrid IT environments. She emphasizes balancing and adopting comprehensive security controls, including cloud SSO and MFA technologies, to unify

React to this headline:

Loading spinner

Strategies for secure identity management in hybrid environments Read More »

How can the energy sector bolster its resilience to ransomware attacks?

access management, cybercriminals, cybersecurity, Delinea, Don't miss, energy sector, Expert analysis, Expert corner, Hot stuff, identity management, News, opinion, penetration testing, Ransomware, strategy /

How can the energy sector bolster its resilience to ransomware attacks? 2024-04-08 at 08:01 By Help Net Security Since it plays a vital role in every functioning society, the energy sector has always been a prime target for state-backed cybercriminals. The cyber threats targeting this industry have grown significantly in recent years, as geopolitical tensions

React to this headline:

Loading spinner

How can the energy sector bolster its resilience to ransomware attacks? Read More »

How manual access reviews might be weakening your defenses

access management, Compliance, cybersecurity, data, Don't miss, Hot stuff, regulation, Video, Zluri /

How manual access reviews might be weakening your defenses 2024-04-05 at 06:31 By Help Net Security As businesses evolve, they often experience changes in roles, partnerships, and staff turnover. This dynamic can result in improper access to data and resources. Such mismanagement leads to superfluous expenses from excessive software licensing fees and heightens the risk

React to this headline:

Loading spinner

How manual access reviews might be weakening your defenses Read More »

Strengthening defenses against nation-state and for-profit cyber attacks

access management, credentials, critical infrastructure, cyberattacks, cybersecurity, Don't miss, Hot stuff, identity, MFA, Video, Xage Security /

Strengthening defenses against nation-state and for-profit cyber attacks 2024-04-04 at 06:32 By Help Net Security There is an urgent need to secure tactical, operational, and strategic critical assets from the edge to the core. In this Help Net Security video, Geoffrey Mattson, CEO of Xage Security, discusses the steps enterprises and critical infrastructure must take

React to this headline:

Loading spinner

Strengthening defenses against nation-state and for-profit cyber attacks Read More »

How much does cloud-based identity expand your attack surface?

access management, credentials, cybersecurity, Don't miss, Expert analysis, Expert corner, Hot stuff, identity, identity management, IS Decisions, News, opinion, Risk Management /

How much does cloud-based identity expand your attack surface? 2024-03-29 at 08:01 By Help Net Security We all know using a cloud-based identity provider (IdP) expands your attack surface, but just how big does that attack surface get? And can we even know for sure? As Michael Jordan once said, “Get the fundamentals down, and

React to this headline:

Loading spinner

How much does cloud-based identity expand your attack surface? Read More »

Scroll to Top