Web Authentication and Access Control News
November 08, 2016
Researchers find widespread risk for users of apps with insecure OAuth implementation, which could lead to attackers being able to access the data held within a vulnerable app.
October 30, 2015
Google demands Certificate Transparency for all Symantec-issued certificates in wake of last month's escalating disclosures about fake "testing" certificates.
September 16, 2015
A new report details how attackers can fly under the radar by using stolen credentials in order to avoid breach detection and forgoing the use of malware in malicious activity.
June 11, 2015
Agencies from U.S. and U.K. governments now support the FIDO Alliance and its open standards for passwordless authentication.
Web Authentication and Access Control Get Started
Bring yourself up to speed with our introductory content
Single sign-on is a session and user authentication process in which a user can access multiple applications with one name and password. Continue Reading
A Certificate Revocation List (CRL) is a list of digital certificates that have been revoked by the issuing Certificate Authority and should not be trusted. Web browsers use CRLs to determine whether a website's digital certificate is still valid ... Continue Reading
Biometric authentication has quickly evolved to include behavioral identifiers. Expert Michael Cobb explores the benefits of behavioral biometric technology for enterprises. Continue Reading
Evaluate Web Authentication and Access Control Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Using passwords to authenticate users has a long and troubled past. Expert Rob Shapland explains how open standards such as FIDO, SAML and OpenID can help solve the woes surrounding user authentication in the cloud. Continue Reading
Learn about the new and improved security features in the upcoming Microsoft Edge browser, including on-by-default sandboxes, Passport and HTML5. Continue Reading
Cloud credentials can create major vulnerabilities. Expert Dan Sullivan outlines how to detect compromised credentials and the best ways to prevent it. Continue Reading
Manage Web Authentication and Access Control
Learn to apply best practices and optimize your operations.
Privileged user management is important for enterprises operating on the cloud. Expert Dave Shackleford discusses some best practices to help secure cloud access control. Continue Reading
Authentication vulnerabilities are a constant problem, but testing tools like hashcat can make a significant difference. Expert Joe Granneman discusses hashcat and password cracking. Continue Reading
Network administrators typically resist policies for separate accounts when performing different tasks. Expert Michael Cobb explains the risk of privileged access. Continue Reading
Problem Solve Web Authentication and Access Control Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Mandatory access control and application sandboxing both offer layers of security through controlling access to system resources. Expert Michael Cobb explains what sets each apart. Continue Reading
Doling out too many admin privileges can lead enterprises astray when it comes to privileged identity management, but there are ways they can take back control. Continue Reading
While using the cloud for identity and access management can simplify the task, it is critical to consider a number of factors when implementing cloud IAM products and services. Expert Dave Shackleford explains. Continue Reading