Security Experts:

long dotted


Potentially serious vulnerability affecting the Zoom conferencing application can allow an attacker to hijack screen controls, spoof chat messages, and kick attendees off a session [Read More]
Industry professionals comment on reports that a vulnerability in an API used by USPS exposed the data of 60 million customers [Read More]
Microsoft shares information on the root cause of the massive outage that impacted its Azure Active Directory authentication services across Europe, Asia and the Americas [Read More]
Acceptto emerges from stealth to launch its cognitive authentication platform and announce an unspecified Series A funding round [Read More]
Orkus emerges from stealth mode with an access governance platform designed to help organizations protect their cloud [Read More]
Facebook is now offering up to $40,000 for vulnerabilities that can be exploited for full account takeover without user interaction [Read More]
OSIsoft warns employees, interns, consultants and contractors that all domain accounts have likely been compromised [Read More]
Amazon S3 Block Public Access is a new feature designed to help users ensure that their buckets are not accidentally made public [Read More]
Google has added new features to help G Suite administrators enforce rigorous password requirements and increase security. [Read More]
Google services inaccessible for some users as a result of a BGP leak that caused traffic to be directed through Russia, China and Nigeria. Unclear if it was a configuration issue or a malicious act [Read More]

FEATURES, INSIGHTS // Identity & Access

rss icon

Torsten George's picture
With 2019 just around the corner, organizations should examine their overall cyber security and identity management strategies and align them to address the #1 cause of today’s data breach — privileged access abuse.
Travis Greene's picture
A Consumer Identity and Access Management (CIAM) approach can help your security organization gain a reputation as a business partner that drives heightened user experiences and business competitiveness.
Torsten George's picture
Instead of relying solely on passwords, security professionals should consider implementing a Zero Trust approach to identity and access management based on the following best practices.
Torsten George's picture
The Reddit data breach illustrates the importance of rolling out an approach designed to verify the user, validate their device, limit access and privilege, and learn and adapt to new risks.
Torsten George's picture
Cyber attackers long ago figured out that the easiest way for them to gain access to sensitive data is by compromising an end user’s identity and credentials.
Travis Greene's picture
Privileged Access Management (PAM) can monitor and record user activity to offer misuse deterrence by collecting evidence for prosecution, and can provide more detailed compliance reporting than system logs.
Josh Lefkowitz's picture
It’s imperative that security practitioners acknowledge the often-confusing nature of insider threat, seek to dispel misconceptions, and provide clear, accurate insight whenever possible.
David Holmes's picture
There’s a popular attack vector among brute-force attackers right now that takes advantage of the 90-day password expirations commonly used by enterprises.
Travis Greene's picture
Closing the gaps in credential security requires awareness of what gaps exist and how to mitigate them.
Torsten George's picture
Implementing machine learning in the context of access control can help organizations reduce their reliance on passwords, and potentially get rid of them altogether.