Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Secure email services provider ProtonMail introduces new encrypted contacts manager to help users protect their address book [Read More]
HP has promised to release patches for vulnerabilities found by researchers in some of the company’s printers [Read More]
The final version of the ‘OWASP Top 10 - 2017’ has been released, and CSRF and unvalidated redirects didn’t make the list [Read More]
Chinese drone maker DJI and a researcher are in an online battle – which could also turn into a legal battle – over the company’s bug bounty program [Read More]
Apache CouchDB was affected by critical vulnerabilities that could have allowed remote attackers to escalate privileges and execute code [Read More]
Oracle patches several vulnerabilities, including two rated critical, in the Jolt server component of the company’s Tuxedo product [Read More]
Face ID, the facial biometric unlocking technology included in Apple’s recently laucnhed iPhone X, can be bypassed using a mask, security researchers have discovered. [Read More]
CIA source code files published by WikiLeaks as part of the Vault 8 leak appear to show that the intelligence agency impersonated Kaspersky Lab [Read More]
Hundreds of apps that use Twilio SDK or REST API include hardcoded credentials that can be used to access millions of calls and text messages [Read More]
DevOps is increasing the attack surface in at least one area -- privileged accounts. [Read More]

FEATURES, INSIGHTS // Identity & Access

rss icon

Travis Greene's picture
As the demand for identity governance in Asian companies grows, the key differentiator is that it’s going to come from a need to reduce risk.
Travis Greene's picture
While Identity and access management (IAM) is a mature discipline supporting internal employee access to applications, what is the future of IAM in support of end customer interactions?
Travis Greene's picture
Like all security measures, MFA is not an instant fix to safeguard credentials. But, understanding the risks of MFA limitations is the first step towards mitigation.
Travis Greene's picture
Passwords really are that bad, and we now have another mandate to address this ongoing issue, or, the so-called elephant in the room: The growing push for multi-factor authentication.
Travis Greene's picture
When big stories like the release of the Panama Papers breaks, it is an opportunity to self-evaluate what level of risk your organization could be exposed to.
Rafal Los's picture
Attackers are exploiting issues in corporate identity stores with greater frequency. If you doubt the danger that identities pose to your organization, you should conduct a simple test.
Travis Greene's picture
It’s been said that the military is always preparing to fight the last war. Are we doing the same in IT security? Are we doomed to always react to the threat?
Alastair Paterson's picture
While you may understand the risks that come from the use of social media, what options do you have to protect your organization against them?
Alan Cohen's picture
Micro-segmentation approaches play an important role in reducing the attack surface, the points of infiltration in the heart of the data center. By governing the traffic among servers, they reduce the risk of bad actors.
Travis Greene's picture
The investment in access certifications have reduced the workload on IT, but by treating all entitlements and users the same, we’ve put the burden on LOB managers to manage the risk of excessive access.