The identity mess your customers feel before you do 2025-11-27 at 07:55 By Anamarija Pogorelec Customer identity has become one of the most brittle parts of the enterprise security stack. Teams know authentication matters, but organizations keep using methods that frustrate users and increase risk. New research from Descope shows how companies manage customer identity […]
The identity mess your customers feel before you do Read More »
The browser is eating your security stack 2025-11-13 at 07:39 By Anamarija Pogorelec Employees log into SaaS platforms, upload files, use AI tools, and manage customer data from a single tab. While the browser has become the enterprise’s main workspace, it remains largely outside the reach of security controls. According to the 2025 Browser Security
The browser is eating your security stack Read More »
Google says 2026 will be the year AI supercharges cybercrime 2025-11-05 at 07:06 By Anamarija Pogorelec Security leaders are staring down a year of major change. In its Cybersecurity Forecast 2026, Google paints a picture of a threat landscape transformed by AI, supercharged cybercrime, and increasingly aggressive nation-state operations. Attackers are moving faster, scaling their
Google says 2026 will be the year AI supercharges cybercrime Read More »
What Microsoft’s 2025 report reveals about the new rules of engagement in cyberdefense 2025-10-24 at 10:42 By Anamarija Pogorelec Adversaries are using AI to sharpen attacks, automate operations, and challenge long-standing defenses, according to a new Microsoft report. Researchers describe a year in which criminal and state-backed actors blurred the lines between cybercrime, espionage, and
What Microsoft’s 2025 report reveals about the new rules of engagement in cyberdefense Read More »
Inside the messy reality of Microsoft 365 management 2025-10-20 at 07:00 By Anamarija Pogorelec Most MSPs agree that Microsoft 365 is now the backbone of business operations, but a Syncro survey shows that complexity, incomplete backups, and reactive security continue to slow their progress in managing it. About 60% of MSPs said Microsoft 365 powers
Inside the messy reality of Microsoft 365 management Read More »
The password problem we keep pretending to fix 2025-10-16 at 07:15 By Anamarija Pogorelec Experts across industries say they are still losing ground against identity-related breaches, even after years of investment in stronger access controls, according to RSA. Many said their organizations had faced at least one identity-related breach in recent years, and most of
The password problem we keep pretending to fix Read More »
Securing agentic AI with intent-based permissions 2025-10-10 at 08:31 By Help Net Security When seatbelts were first introduced, cars were relatively slow and a seatbelt was enough to keep drivers safe in most accidents. But as vehicles became more powerful, automakers had to add airbags, crumple zones, and (eventually) adaptive driver assistance systems that anticipate
Securing agentic AI with intent-based permissions Read More »
Identity management was hard, AI made it harder 2025-09-08 at 07:33 By Anamarija Pogorelec Identity security is becoming a core part of cybersecurity operations, but many organizations are falling behind. A new report from SailPoint shows that as AI-driven identities and machine accounts grow, most security teams are not prepared to manage them at scale.
Identity management was hard, AI made it harder Read More »
Why IAM should be the starting point for AI-driven cybersecurity 2025-06-06 at 09:03 By Mirko Zorz In this Help Net Security interview, Benny Porat, CEO at Twine Security, discusses applying AI agents to security decisions. He explains why identity and access management (IAM) is the ideal starting point for both augmentation and automation, and shares
Why IAM should be the starting point for AI-driven cybersecurity Read More »
Why app modernization can leave you less secure 2025-05-27 at 09:09 By Help Net Security Enterprises typically “modernize” access patterns for an application by enabling industry standard protocols like OIDC or SAML to provide single sign-on (SSO) for legacy apps via a cloud identity provider (IDP). That’s a major step towards better user experience, improved
Why app modernization can leave you less secure Read More »
Preparing for the next wave of machine identity growth 2025-05-01 at 09:21 By Mirko Zorz Machine identities are multiplying fast, and many organizations are struggling to keep up. In this Help Net Security interview, Wendy Wu, CMO at SailPoint, explains why machine identity security matters, where most companies go wrong, how automation can help, and
Preparing for the next wave of machine identity growth Read More »
The hidden risk in SaaS: Why companies need a digital identity exit strategy 2025-03-21 at 08:31 By Help Net Security In the face of sudden trade restrictions, sanctions, or policy shifts, relying on SaaS providers outside your region for identity services is a gamble that companies can no longer afford to take. With trade disputes
The hidden risk in SaaS: Why companies need a digital identity exit strategy Read More »
The risks of autonomous AI in machine-to-machine interactions 2025-02-18 at 08:03 By Mirko Zorz In this Help Net Security, Oded Hareven, CEO of Akeyless Security, discusses how enterprises should adapt their cybersecurity strategies to address the growing need for machine-to-machine (M2M) security. According to Hareven, machine identities must be secured and governed similarly to human
The risks of autonomous AI in machine-to-machine interactions Read More »
Keycloak: Open-source identity and access management 2024-12-12 at 06:04 By Help Net Security Keycloak is an open-source project for identity and access management (IAM). It provides user federation, strong authentication, user management, authorization, and more. Keycloak is based on standard protocols and supports OpenID Connect, OAuth 2.0, and SAML. Single Sign-On: Users authenticate through Keycloak
Keycloak: Open-source identity and access management Read More »
Who handles what? Common misconceptions about SaaS security responsibilities 2024-12-09 at 07:33 By Mirko Zorz In this Help Net Security interview, James Dolph, CISO at Guidewire, addresses common misconceptions about security responsibilities in cloud environments, particularly in SaaS, and how these misunderstandings can lead to security risks. What common misconceptions do you encounter about the
Who handles what? Common misconceptions about SaaS security responsibilities Read More »
The role of self-sovereign identity in enterprises 2024-10-08 at 07:31 By Help Net Security As personal data becomes increasingly commodified and centralized, the need for individuals to reclaim control over their identities has never been more urgent. Meanwhile, traditional identity systems used by enterprises often expose sensitive information to unnecessary risk, leaving both users and
The role of self-sovereign identity in enterprises Read More »
Reducing credential complexity with identity federation 2024-10-01 at 07:01 By Mirko Zorz In this Help Net Security interview, Omer Cohen, Chief Security Officer at Descope, discusses the impact of identity federation on organizational security and user experience. He explains how this approach streamlines credential management and enhances security by leveraging trusted identity providers while simplifying
Reducing credential complexity with identity federation Read More »
3 tips for securing IoT devices in a connected world 2024-09-27 at 08:01 By Help Net Security IoT devices have become integral to how many organizations operate. From Smart TVs in conference rooms to connected sensors and wireless security cameras, these connected devices are now a fixture in the modern workplace. They also, however, present
3 tips for securing IoT devices in a connected world Read More »
Active Directory compromise: Cybersecurity agencies provde guidance 2024-09-26 at 17:31 By Zeljka Zorz Active Directory (AD), Microsoft’s on-premises directory service for Windows domain networks, is so widely used for enterprise identity and access management that compromising it has become almost a standard step in cyber intrusions. “Active Directory is susceptible to compromise due to its
Active Directory compromise: Cybersecurity agencies provde guidance Read More »
Risk related to non-human identities: Believe the hype, reject the FUD 2024-07-15 at 08:01 By Help Net Security The hype surrounding unmanaged and exposed non-human identities (NHIs), or machine-to-machine credentials – such as service accounts, system accounts, certificates and API keys – has recently skyrocketed. A steady stream of NHI-related breaches is causing some of
Risk related to non-human identities: Believe the hype, reject the FUD Read More »