SSO

Cross-IdP impersonation bypasses SSO protections

2024-11-19 at 18:22 | By Help Net Security

Cross-IdP impersonation – a technique that enables attackers to hijack the single sign-on (SSO) process to gain unauthorized access to downstream software-as-a-service (SaaS) applications without compromising a company’s primary identity provider (IdP) – is expected to gain popularity with attackers, according to Push […]


How hybrid workforces are reshaping authentication strategies

2024-10-08 at 07:01 | By Mirko Zorz

In this Help Net Security interview, Brian Pontarelli, CEO at FusionAuth, discusses the evolving authentication challenges posed by the rise of hybrid and remote workforces. He advocates for zero trust strategies, including MFA and behavioral biometrics, to enhance security while maintaining productivity.


Reducing credential complexity with identity federation

2024-10-01 at 07:01 | By Mirko Zorz

In this Help Net Security interview, Omer Cohen, Chief Security Officer at Descope, discusses the impact of identity federation on organizational security and user experience. He explains how this approach streamlines credential management and enhances security by leveraging trusted identity providers while simplifying


Critical Authentication Flaw Haunts GitHub Enterprise Server

2024-08-21 at 20:01 | By Ryan Naraine

GitHub patches a trio of security defects in the GitHub Enterprise Server product and recommends urgent patching for corporate users. (Excerpt from the SecurityWeek RSS feed; the post first appeared on SecurityWeek.)


How passkeys eliminate password management headaches

2024-08-15 at 07:01 | By Mirko Zorz

In this Help Net Security interview, David Cottingham, President at rf IDEAS, discusses the key benefits organizations can expect when implementing passkeys. Cottingham addresses the misconceptions surrounding the adoption of passkeys, particularly in the B2B landscape. What are the key benefits that organizations


Product showcase: How to track SaaS security best practices with Nudge Security

2024-03-13 at 06:37 | By Help Net Security

As technology adoption has shifted to be employee-led, IT and security teams are contending with an ever-expanding SaaS attack surface. At the same time, they are often spread thin, meaning they need ways to quickly identify


Phishers target FCC, crypto holders via fake Okta SSO pages

2024-03-04 at 14:46 | By Helga Labus

A new phishing campaign is using fake Okta single sign-on (SSO) pages for the Federal Communications Commission (FCC) and for various cryptocurrency platforms to target users and employees, Lookout researchers have discovered. The phishing campaign By pretending to be


Understanding zero-trust design philosophy and principles

2024-01-09 at 07:32 | By Mirko Zorz

In this Help Net Security interview, Phil Vachon, Head of Infrastructure in the Office of the CTO at Bloomberg, discusses the varying definitions of zero trust among security professionals and companies, emphasizing its broad design philosophy. Vachon explores challenges in implementing zero trust,


The new imperative in API security strategy

16/11/2023 at 07:01 | By Help Net Security

Of the 239 vulnerabilities, 33% (79 out of 239) were associated with authentication, authorization and access control (AAA) — foundational pillars of API security, according to Wallarm. Prioritizing AAA principles Open authentication (OAuth), single sign-on (SSO) and JSON Web Token (JWT),


Is the new OWASP API Top 10 helpful to defenders?

30/08/2023 at 07:32 | By Help Net Security

The OWASP Foundation’s Top Ten lists have helped defenders focus their efforts with respect to specific technologies and the OWASP API (Application Programming Interface) Security Top 10 2023 is no exception. First drafted five years ago and updated


Adapting authentication to a cloud-centric landscape

28/08/2023 at 07:33 | By Mirko Zorz

In this Help Net Security interview, Florian Forster, CEO at Zitadel, discusses the challenges CISOs face in managing authentication across increasingly distributed and remote workforces, the negative consequences of ineffective authorization, and how the shift toward cloud transformation affects authentication strategies. What are
