Security Experts:

long dotted


Microsoft has updated its Authenticator application to provide users with security notifications whenever suspicious activity is detected on their accounts. [Read More]
To mark International Safer Internet Day, Google commissioned Harris Poll to survey 3,000 American adults to understand attitudes and behaviors around online security. [Read More]
Behavioral biometrics solutions provider TypingDNA has raised $1.5 million in seed funding. [Read More]
Hackers have been scanning the Internet for Cisco Small Business RV320 and RV325 routers affected by recently patched vulnerabilities. Attacks started shortly after disclosure and release of PoC exploits. [Read More]
AWS launches Amazon WorkLink, a service that enables organizations to provide employees easy and secure access to internal assets from their mobile devices. [Read More]
Identity management solutions provider Keyfactor, formerly Certified Security Solutions (CSS), raises $77 million, which it will use to accelerate market expansion and meet growing demand for its products. [Read More]
DHS issues an emergency directive instructing federal agencies to take measures to mitigate DNS hijacking attacks after several government domains were targeted by malicious actors. [Read More]
A storage server configured for public access was found to expose terabytes of data belonging to the Oklahoma Department of Securities. [Read More]
The number of US government domains for which security certificates were left to expire due to the government shutdown has exceeded 130. One impacted domain belongs to the White House. [Read More]
ForeScout researchers create PoC malware that demonstrates how malicious actors could hack smart buildings and building automation systems. [Read More]

FEATURES, INSIGHTS // Identity & Access

rss icon

Torsten George's picture
Since multi-factor authentication requires several elements for identity verification, it’s one of the best ways to prevent unauthorized users from accessing sensitive data and moving laterally within the network.
Torsten George's picture
While implementing Zero Trust is a journey that cannot be achieved over night, it also doesn’t require a complete redesign of existing network architectures.
Torsten George's picture
With 2019 just around the corner, organizations should examine their overall cyber security and identity management strategies and align them to address the #1 cause of today’s data breach — privileged access abuse.
Travis Greene's picture
A Consumer Identity and Access Management (CIAM) approach can help your security organization gain a reputation as a business partner that drives heightened user experiences and business competitiveness.
Torsten George's picture
Instead of relying solely on passwords, security professionals should consider implementing a Zero Trust approach to identity and access management based on the following best practices.
Torsten George's picture
The Reddit data breach illustrates the importance of rolling out an approach designed to verify the user, validate their device, limit access and privilege, and learn and adapt to new risks.
Torsten George's picture
Cyber attackers long ago figured out that the easiest way for them to gain access to sensitive data is by compromising an end user’s identity and credentials.
Travis Greene's picture
Privileged Access Management (PAM) can monitor and record user activity to offer misuse deterrence by collecting evidence for prosecution, and can provide more detailed compliance reporting than system logs.
Josh Lefkowitz's picture
It’s imperative that security practitioners acknowledge the often-confusing nature of insider threat, seek to dispel misconceptions, and provide clear, accurate insight whenever possible.
David Holmes's picture
There’s a popular attack vector among brute-force attackers right now that takes advantage of the 90-day password expirations commonly used by enterprises.