Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

CrackQ is an intuitive interface for Hashcat served by a REST API and a JavaScript front-end web application for ease of use [Read More]
Twitter users no longer need a phone number to use 2-Factor Authentication (2FA) to secure their accounts, and can now use codes via text messages , mobile security apps, and security keys. [Read More]
Popular password manager 1Password has closed a $200 million Series A round, which the company says is the first outside investment following 14 years of growth and profitability. [Read More]
Ecommerce fraud prevention solutions provider Riskified has raised $165 million in a Series E funding round at a valuation of over $1 billion. [Read More]
In addition to new security tools for Azure, at the Ignite 2019 conference this week, Microsoft announced new capabilities aimed at improving the security of its users across platforms. [Read More]
Bed Bath & Beyond says the accounts of less than 1% of its customers have been hacked in an attack that involved credentials obtained from third-party breaches and password reuse. [Read More]
A new report focuses on stolen credentials belonging to global Fortune 500 organizations, and used machine learning (ML) techniques to clean and verify the collected data. [Read More]
Researchers discovered that Adobe exposed 7.5 million records associated with Creative Cloud customers, including email addresses and other account information. [Read More]
Microsoft this week announced the public preview of a new feature that allows enterprise users to check their Azure Active Directory sign-ins for any unusual activity. [Read More]
The presidential campaign website of Donald Trump exposed information that may have allowed hackers to send out emails on behalf of the organization. [Read More]

FEATURES, INSIGHTS // Identity & Access

rss icon

David Holmes's picture
The debate about the deprecation of SMS as an authentication system is less about the agreed-upon insecurity of SMS and more about what can replace it. SMS survives because of its ubiquity, period.
Torsten George's picture
Shifting traditional perimeter-based enterprise security strategies to a Zero Trust approach provides more robust prevention, detection, and incident response capabilities to protect continuously expanding attack surfaces.
Torsten George's picture
The anatomy of a hack has been glorified and led to the common belief that data breaches typically exploit zero-day vulnerabilities and require a tremendous amount of code sophistication.
Erin O’Malley's picture
It’s important for IT security teams to understand the slight, but potentially significant difference between MFA and two-factor (2FA) authentication.
Torsten George's picture
Since multi-factor authentication requires several elements for identity verification, it’s one of the best ways to prevent unauthorized users from accessing sensitive data and moving laterally within the network.
Torsten George's picture
While implementing Zero Trust is a journey that cannot be achieved over night, it also doesn’t require a complete redesign of existing network architectures.
Torsten George's picture
With 2019 just around the corner, organizations should examine their overall cyber security and identity management strategies and align them to address the #1 cause of today’s data breach — privileged access abuse.
Travis Greene's picture
A Consumer Identity and Access Management (CIAM) approach can help your security organization gain a reputation as a business partner that drives heightened user experiences and business competitiveness.
Torsten George's picture
Instead of relying solely on passwords, security professionals should consider implementing a Zero Trust approach to identity and access management based on the following best practices.
Torsten George's picture
The Reddit data breach illustrates the importance of rolling out an approach designed to verify the user, validate their device, limit access and privilege, and learn and adapt to new risks.