Security Experts:

long dotted

NEWS & INDUSTRY UPDATES

Tor launches public bug bounty program with rewards of up to $4,000 per vulnerability, depending on impact and severity [Read More]
Vulnerabilities found by researchers in the Segway miniPRO allow hackers to take control of the hoverboard and possibly cause injury to the rider [Read More]
A security audit of Firefox Accounts revealed a total of 15 issues, including flaws rated critical and high severity [Read More]
Google this week will start inviting 2-Step Verification (2-SV) SMS users to try Google Prompt, its year-old method of approving sign-in requests on smartphones. [Read More]
Over 750 domains hijacked and pointed to RIG exploit kit after attackers accessed a web portal belonging to a technical partner of French registrar Gandi [Read More]
Boundary protection weaknesses remain the most prevalent in critical infrastructure sectors, according to assessments conducted in 2016 by ICS-CERT [Read More]
An old Kerberos authentication bypass vulnerability dubbed Orpheus' Lyre has been patched in Windows and some Linux distributions [Read More]
Join this webinar to learn how organizations are moving from simple two-factor authentication to modern, mobile multi-factor authentication for better identity assurance. [Read More]
Google warns websites using WoSign and StartCom certificates - they will no longer be trusted by Chrome starting in September [Read More]
Dell EMC provides patches and workarounds for vulnerabilities found in its Data Protection Advisor and ESRS Policy Manager products [Read More]

FEATURES, INSIGHTS // Identity & Access

rss icon

Travis Greene's picture
Passwords really are that bad, and we now have another mandate to address this ongoing issue, or, the so-called elephant in the room: The growing push for multi-factor authentication.
Travis Greene's picture
When big stories like the release of the Panama Papers breaks, it is an opportunity to self-evaluate what level of risk your organization could be exposed to.
Rafal Los's picture
Attackers are exploiting issues in corporate identity stores with greater frequency. If you doubt the danger that identities pose to your organization, you should conduct a simple test.
Travis Greene's picture
It’s been said that the military is always preparing to fight the last war. Are we doing the same in IT security? Are we doomed to always react to the threat?
Alastair Paterson's picture
While you may understand the risks that come from the use of social media, what options do you have to protect your organization against them?
Alan Cohen's picture
Micro-segmentation approaches play an important role in reducing the attack surface, the points of infiltration in the heart of the data center. By governing the traffic among servers, they reduce the risk of bad actors.
Travis Greene's picture
The investment in access certifications have reduced the workload on IT, but by treating all entitlements and users the same, we’ve put the burden on LOB managers to manage the risk of excessive access.
Travis Greene's picture
To understand why return on Access Governance is lower versus other security technologies, we first need to understand why Access Governance is implemented in the first place.
Travis Greene's picture
Yahoo's “Account Key” uses push notifications to their Yahoo Mail app on mobile devices. Will this securely replace passwords and two-factor authentication?
Travis Greene's picture
The true value of identity is not in creating more defense in depth, which means that identity is not the new perimeter.