Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

A critical vulnerability affecting a GDPR compliance plugin for WordPress has been exploited in the wild [Read More]
Minneapolis-based identity firm Entrust Datacard has acquired Barcelona, Spain firm Safelayer Secure Communications. Financial details were not been disclosed. [Read More]
A default account exposes Cisco Small Business switches to remote attacks. No patch available, but there is a workaround [Read More]
BehavioSec adds new features to Behavioral Biometrics Platform, including global profiling, detection of obfuscated origin, and docker container support [Read More]
Symantec acquires mobile application security firm Appthority and Javelin Networks, a company specializing in Active Directory (AD) security [Read More]
BLEEDINGBIT: Millions of enterprise access points and other network devices may be exposed to remote attacks due to vulnerabilities in Bluetooth Low Energy (BLE) chips made by Texas Instruments [Read More]
Google announces new protections and tools designed to help users secure their account [Read More]
iPhone enthusiast Jose Rodriguez (aka videosdebarraquito) finds new iPhone lockscreen bypass. The latest method abuses the recently introduced Group FaceTime feature [Read More]
Signal unveils “sealed sender,” a new feature designed to protect the identity of a sender [Read More]
Malicious actors could cause serious damage to organizations in the energy and water sectors by targeting their HMIs, Trend Micro warns [Read More]

FEATURES, INSIGHTS // Identity & Access

rss icon

Travis Greene's picture
A Consumer Identity and Access Management (CIAM) approach can help your security organization gain a reputation as a business partner that drives heightened user experiences and business competitiveness.
Torsten George's picture
Instead of relying solely on passwords, security professionals should consider implementing a Zero Trust approach to identity and access management based on the following best practices.
Torsten George's picture
The Reddit data breach illustrates the importance of rolling out an approach designed to verify the user, validate their device, limit access and privilege, and learn and adapt to new risks.
Torsten George's picture
Cyber attackers long ago figured out that the easiest way for them to gain access to sensitive data is by compromising an end user’s identity and credentials.
Travis Greene's picture
Privileged Access Management (PAM) can monitor and record user activity to offer misuse deterrence by collecting evidence for prosecution, and can provide more detailed compliance reporting than system logs.
Josh Lefkowitz's picture
It’s imperative that security practitioners acknowledge the often-confusing nature of insider threat, seek to dispel misconceptions, and provide clear, accurate insight whenever possible.
David Holmes's picture
There’s a popular attack vector among brute-force attackers right now that takes advantage of the 90-day password expirations commonly used by enterprises.
Travis Greene's picture
Closing the gaps in credential security requires awareness of what gaps exist and how to mitigate them.
Torsten George's picture
Implementing machine learning in the context of access control can help organizations reduce their reliance on passwords, and potentially get rid of them altogether.
Torsten George's picture
To limit exposure to privileged credential attacks, organizations need to rethink their enterprise security strategy and move to an identity-centric approach based on a Zero Trust model.