Identity and access management
Identity is often considered the perimeter in infosec, especially as traditional enterprise perimeters dissolve. Identity and access management is critical to maintain data security. From passwords to multifactor authentication, SSO to biometrics, get the latest advice on IAM here.
New & Notable
Identity and access management News
-
April 28, 2022
28
Apr'22
Lapsus$ targeting SharePoint, VPNs and virtual machines
From social engineering attacks to admin tools, a recent NCC Group report examined the tactics used by Lapsus$ to breach companies like Microsoft, Nvidia and Samsung.
-
April 18, 2022
18
Apr'22
Stolen OAuth tokens lead to 'dozens' of breached GitHub repos
Stolen OAuth tokens issued to Heroku and Travis CI were used to download data from the private repositories of 'dozens of organizations,' including GitHub subsidiary npm.
-
April 14, 2022
14
Apr'22
VMware Workspace One flaw actively exploited in the wild
Multiple threat intelligence providers have detected threat activity related to the VMware Workspace One flaw, including cryptocurrency mining activity.
-
March 22, 2022
22
Mar'22
Lapsus$ hacking group hit authentication vendor Okta
Authentication vendor Okta is the latest tech giant to be named as a victim of the prolific Lapsus$ crew, through key details about the attack remain in dispute.
Identity and access management Get Started
Bring yourself up to speed with our introductory content
-
man-in-the-middle attack (MitM)
A man-in-the-middle (MiTM) attack is a type of cyber attack in which the attacker secretly intercepts and relays messages between two parties who believe they are communicating directly with each other. Continue Reading
-
WLAN Authentication and Privacy Infrastructure (WAPI)
WLAN Authentication and Privacy Infrastructure (WAPI) is a wireless local area network security standard officially supported by the Chinese government. Continue Reading
-
built-in administrator account
In the Windows operating system, the built-in administrator account -- the first account created when the OS was installed -- has the highest permissions of any profile on the computer system. Continue Reading
Evaluate Identity and access management Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
-
How secure are one-time passwords from attacks?
Adding an additional authentication layer makes it harder for attackers to get into accounts, but not all authentication factors are equal -- especially when it comes to OTPs. Continue Reading
-
Top 3 Web3 security and business risks
The third iteration of the internet is quickly coming to fruition. With Web3 comes an evolution in business risks, however, as well as susceptibility to traditional risks. Continue Reading
-
Use digital identity proofing to verify account creation
Validating users during account creation with identity proofing helps prevent data breaches but isn't without challenges. Discover how it works and concerns to address. Continue Reading
Manage Identity and access management
Learn to apply best practices and optimize your operations.
-
5 steps to ensure a successful access management strategy
Access management is top of mind for organizations, especially in the hybrid workspace. Follow these five steps to create an access management strategy that benefits all users. Continue Reading
-
Why companies should focus on preventing privilege escalation
If attackers can elevate privileges once inside a system, their access can be unlimited. Discover common privilege escalation techniques and how to mitigate them. Continue Reading
-
How to stop malicious or accidental privileged insider attacks
How many permissions or privileges a user has will affect how big of an insider threat they are. Discover the issues surrounding privileged users and how to curtail these threats. Continue Reading
Problem Solve Identity and access management Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
-
Use a decentralized identity framework to reduce enterprise risk
To reduce the risk of identity theft for customers, partners and employees, companies should look at integrating a decentralized identity framework into existing infrastructure. Continue Reading
-
6 persistent enterprise authentication security issues
Some authentication factors are considered more secure than others but still come with potential drawbacks. Learn about the most common enterprise authentication security issues. Continue Reading
-
In biometrics, security concerns span technical, legal and ethical
Biometrics are increasingly being used for enterprise security, but they are not without technical, legal and ethical concerns, which teams must address before deployment. Continue Reading