New & Notable
Web authentication and access control News
April 24, 2018
As network perimeter security grows less practical, Akamai talks at RSA Conference about moving beyond firewalls to improve authentication with a zero-trust model.
April 10, 2018
W3C and the FIDO Alliance have given websites a new tool for doing FIDO-compliant authentication, as the WebAuthn authentication protocol is promoted to W3C Candidate Recommendation.
February 07, 2018
A Grammarly vulnerability in its browser extension authentication could have exposed users' sensitive documents if the popular spelling and grammar checker were left unpatched.
July 12, 2017
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the identity and access management industry and how machine learning algorithms could govern IAM systems.
Web authentication and access control Get Started
Bring yourself up to speed with our introductory content
FIDO (Fast ID Online) is a set of technology-agnostic security specifications for strong authentication. FIDO is developed by the FIDO Alliance, a non-profit organization that seeks to standardize authentication at the client and protocol layers. Continue Reading
Identity management (ID management) is the organizational process for identifying, authenticating and authorizing individuals or groups of people to have access to applications, systems or networks by associating user rights and restrictions with ... Continue Reading
Once an attacker has gained entry to a network, the consequences can be severe. Find out how the right access control tools can help prevent that from happening. Continue Reading
Evaluate Web authentication and access control Vendors & Products
Weigh the pros and cons of technologies, products and projects you are considering.
Biometric authentication systems have gained traction on mobile devices, but when will they become dominant within the enterprise? Expert Bianca Lopes weighs in on the topic. Continue Reading
If unsafe computer systems scare the living daylights out of you, tune into this webinar on how to do authenticated vulnerability scans to avoid system damage. Continue Reading
A new password guessing technique takes advantage of machine learning technologies. Expert Michael Cobb discusses how much of a threat this is to enterprise security. Continue Reading
Manage Web authentication and access control
Learn to apply best practices and optimize your operations.
A major SAML vulnerability was found in Slack that granted expired login credentials permission into the system. Matt Pascucci explains how this 'confused deputy' problem was handled. Continue Reading
Passwords and tokens are a thing of the past. No way, you say? Our webcast on the likely ways authentication will work in the future may make a believer out of you. Continue Reading
Many apps are using the OAuth 2.0 protocol for both authentication and authorization, but technically it's only a specification for delegated authorization, not for authentication. Continue Reading
Problem Solve Web authentication and access control Issues
We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.
Credential stuffing activity is outpacing the growth of other cyberattacks and enabling account takeover attacks. Akamai Technologies' Patrick Sullivan explains the threat. Continue Reading
Mozilla recently decided to pull the HTML canvas element from the Firefox browser. Learn from expert Matt Pascucci what this means for the security and privacy of users. Continue Reading
After eight years, Joomla discovered an LDAP vulnerability that could be exploited by threat actors. Learn how the attack works from expert Matt Pascucci. Continue Reading