Ask the Experts

Ask the Experts

Privileged access management

• How did a Moodle security vulnerability enable remote code execution?

  A series of logic flaws in Moodle enabled attackers to remotely execute code on servers. Expert Michael Cobb explains how the Moodle security vulnerability can be exploited.  Continue Reading

• How did thousands of MongoDB databases get hijacked?

  Thousands of MongoDB configurations were hijacked due to poor authentication practices. Expert Nick Lewis explains how organizations can properly configure their implementations.  Continue Reading

• Are separate administrator accounts a good idea for enterprises?

  Separate administrator accounts are becoming a normal part of access policies in enterprises. Expert Matthew Pascucci explains why this is a good idea and how to implement it.  Continue Reading

• How do identity governance and access management systems differ?

  Identity governance and access management systems overlap naturally, but they are still distinct. Expert Matthew Pascucci explains the difference between these two aspects of IAM.  Continue Reading

• How can Kerberos protocol vulnerabilities be mitigated?

  Microsoft's Kerberos protocol implementation has long-standing issues with its secret keys. Expert Michael Cobb explains how to mitigate the authentication vulnerabilities.  Continue Reading

• Which is safer: an HSM appliance or a virtual appliance?

  A self-managed HSM appliance may be the safer external key management system to use with your organization's encryption keys. Here's why.  Continue Reading

• Can reviewing credential dumps protect identity information?

  Reviewing credential dumps could potentially save identity information from being stolen and used in a data breach. Expert Randall Gamby explains why it's worth the extra work.  Continue Reading

• How can organizations get control over privileged identity management?

  Doling out too many admin privileges can lead enterprises astray when it comes to privileged identity management, but there are ways they can take back control.  Continue Reading

• A broader definition of identity governance

  The definition of identity governance has evolved to include a tool that could prove challenging for enterprises to implement.  Continue Reading

• To protect privileged users, consider using least privilege principle

  To defend against "laterally" moving attackers, consider granting privileged users the least privileges necessary. Expert Nick Lewis explains how.  Continue Reading

• Enterprise risk-based authentication: Has it finally arrived?

  Expert Randall Gamby discusses risk-based authentication, and whether that type of user identification system is right for the enterprise.  Continue Reading

• Privilege access management: User account provisioning best practices

  Broad user account provisioning can give users too much access. Randall Gamby offers privilege access management advice to prevent 'privilege creep.'  Continue Reading

• SCIM identity management and SCIM provisioning options

  SCIM identity management and identity provisioning have increased in their implementation. Learn how a company can assess these technology options.  Continue Reading

• SCIM identity management strategy: Time to outsource IdM?

  Randall Gamby outlines the SCIM identity management standard and offers identity management for those enterprises considering outsourcing.  Continue Reading

• Dynamic authorization vs. other access management technologies

  Randall Gamby discusses the advantages of dynamic authorization vs. other access management strategies and implementation best practices.  Continue Reading