Web authentication and access control
Get tips and tricks on web authentication and and web access control. Learn when restricting Web access is necessary and how web application IAM techniques like single sign-on can thwart hacker attacks and threats.
Top Stories
-
News
28 Oct 2021
Twitter details internal Yubico security key rollout
Following last year's breach, Twitter obtained 100% security key enrollment from its 5,500 internal employee accounts within a month of the cutover date. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
01 Sep 2021
Beware of proxyware: Connection-sharing services pose risks
Cisco Talos warns that sharing internet connections with random people via third-party app like Honeygain and Peer2Profit could lead to malware installations and other threats. Continue Reading
-
Definition
30 Mar 2023
authentication factor
An authentication factor is a category of credential that is intended to verify, sometimes in combination with other factors, that an entity involved in some kind of communication or requesting access to some system is who, or what, they are declared to be. Continue Reading
By -
Definition
24 Mar 2023
three-factor authentication (3FA)
Three-factor authentication (3FA) is the use of identity-confirming credentials from three separate categories of authentication factors -- typically, the knowledge, possession and inherence categories. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
-
Definition
20 Mar 2023
FIDO (Fast Identity Online)
FIDO (Fast Identity Online) is a set of technology-agnostic security specifications for strong authentication. Continue Reading
By -
Definition
14 Nov 2022
time-based one-time password
A time-based one-time password (TOTP) is a temporary passcode generated by an algorithm that uses the current time of day as one of its authentication factors. Continue Reading
By -
Definition
17 Jun 2022
X.509 certificate
An X.509 certificate is a digital certificate that uses the widely accepted international X.509 public key infrastructure (PKI) standard to verify that a public key belongs to the user, computer or service identity contained within the certificate. Continue Reading
By- Alexander S. Gillis, Technical Writer and Editor
- Sharon Shea, Executive Editor
-
Definition
20 Apr 2022
WLAN Authentication and Privacy Infrastructure (WAPI)
WLAN Authentication and Privacy Infrastructure (WAPI) is a wireless local area network security standard officially supported by the Chinese government. Continue Reading
By -
Definition
07 Apr 2022
Open System Authentication (OSA)
Open System Authentication (OSA) is a process by which a computer could gain access to a wireless network that uses the Wired Equivalent Privacy (WEP) protocol. Continue Reading
By -
Definition
25 Feb 2022
Shared Key Authentication (SKA)
Shared Key Authentication (SKA) is a process by which a computer can gain access to a wireless network that uses the Wired Equivalent Privacy (WEP) protocol. Continue Reading
By -
Definition
11 Feb 2022
Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP)
Counter Mode with Cipher Block Chaining Message Authentication Code Protocol (CCMP) is an encryption protocol based on the U.S. federal government's Advanced Encryption Standard (AES) algorithm and uses the Counter Mode with CBC-MAC (CCM) mode of operation. Continue Reading
By -
Definition
30 Nov 2021
walled garden
On the internet, a walled garden is an environment that controls the user's access to network-based content and services. Continue Reading
By- Andrew Froehlich, West Gate Networks
-
News
28 Oct 2021
Twitter details internal Yubico security key rollout
Following last year's breach, Twitter obtained 100% security key enrollment from its 5,500 internal employee accounts within a month of the cutover date. Continue Reading
By- Alexander Culafi, Senior News Writer
-
Definition
29 Sep 2021
CHAP (Challenge-Handshake Authentication Protocol)
CHAP (Challenge-Handshake Authentication Protocol) is a challenge and response authentication method that Point-to-Point Protocol (PPP) servers use to verify the identity of a remote user. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Definition
15 Sep 2021
Kerberos
Kerberos is a protocol for authenticating service requests between trusted hosts across an untrusted network, such as the internet. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
- Michael Cobb
-
News
01 Sep 2021
Beware of proxyware: Connection-sharing services pose risks
Cisco Talos warns that sharing internet connections with random people via third-party app like Honeygain and Peer2Profit could lead to malware installations and other threats. Continue Reading
-
News
15 Jul 2021
SonicWall warns of 'imminent' SMA 100/SRA ransomware attacks
SonicWall said that those who fail to update or disconnect their vulnerable SMA 100 and SRA devices are 'at imminent risk of a targeted ransomware attack.' Continue Reading
By- Alexander Culafi, Senior News Writer
-
Tip
12 Jul 2021
How to implement machine identity management for security
In IAM, companies must consider whether machines, applications and devices have the appropriate identities and access authorizations when communicating behind the scenes. Continue Reading
By -
News
28 Jun 2021
SolarWinds hackers compromised Microsoft support agent
After placing information-stealing malware on a customer support agent's system, the Nobelium threat actors gained access to three Microsoft clients. Continue Reading
By- Arielle Waldman, News Writer
-
News
24 Jun 2021
Atlassian moves to lock down accounts from takeover bugs
Check Point Research uncovered a set of flaws that, if chained together, would have enabled attackers to hijack accounts with single sign-on enabled. Continue Reading
-
News
24 Jun 2021
HPE jumps into zero trust with Project Aurora
Enterprise giant HPE says its new zero-trust offering, dubbed Project Aurora, will make its debut later this year with the GreenLake hybrid cloud platform. Continue Reading
-
News
11 Jun 2021
Slilpp marketplace goes dark following government takedown
Slilpp, a massive dark web emporium for buying and selling stolen credentials, has been pulled offline by an international law enforcement takedown. Continue Reading
-
News
08 Jun 2021
CISA taps Bugcrowd for federal vulnerability disclosure program
The new program follows a CISA directive from September that requires executive branch agencies to create and publish vulnerability disclosure policies. Continue Reading
-
Definition
01 Jun 2021
Amazon Cognito
Amazon Cognito is an Amazon Web Services product that controls user authentication and access for mobile applications on internet-connected devices. Continue Reading
By- Rahul Awati
- David Carty, Site Editor
-
News
19 May 2021
Cisco shares lessons learned in zero-trust deployment
The networking giant explained at RSA Conference 2021 how it was able to deploy a company-wide zero trust model in less than six months, and what it learned along the way. Continue Reading
-
News
14 May 2021
'Scheme flooding' bug threatens to sink user privacy
Researchers have uncovered a blind spot in web security that opens the door for tracking across multiple browsers and thwarts common privacy protections like incognito and VPN. Continue Reading
-
Definition
11 May 2021
Extensible Authentication Protocol (EAP)
The Extensible Authentication Protocol (EAP) is a protocol for wireless networks that expands the authentication methods used by the Point-to-Point Protocol (PPP), a protocol often used when connecting a computer to the internet. Continue Reading
-
Definition
15 Apr 2021
user authentication
User authentication verifies the identity of a user attempting to gain access to a network or computing resource by authorizing a human-to-machine transfer of credentials during interactions on a network to confirm a user's authenticity. Continue Reading
-
Definition
12 Apr 2021
Transport Layer Security (TLS)
Transport Layer Security (TLS) is an Internet Engineering Task Force (IETF) standard protocol that provides authentication, privacy and data integrity between two communicating computer applications. Continue Reading
By- Andrew Froehlich, West Gate Networks
- Kevin Beaver, Principle Logic, LLC
- Michael Cobb
-
News
05 Apr 2021
Remote work increases demand for zero-trust security
One year after lockdowns and office closures prompted a massive, hurried move to remote work, many enterprises are reexamining their security posture. Continue Reading
By- Arielle Waldman, News Writer
-
News
26 Jan 2021
Zero trust 2.0: Google unveils BeyondCorp Enterprise
BeyondCorp Enterprise, which replaces Google's BeyondCorp Remote Access, uses the Chrome browser to extend the zero-trust platform to customers for continuous authentication. Continue Reading
By- Rob Wright, Senior News Director
-
Tip
14 Jan 2021
Select a customer IAM architecture to boost business, security
Not all customer IAM platforms are created equal. Will a security-focused or marketing-focused CIAM architecture best meet your organization's needs? Read on for help deciding. Continue Reading
By- Mike Chapple, University of Notre Dame
-
News
07 Jan 2021
Defending against SolarWinds attacks: What can be done?
While no defense is guaranteed, zero-trust access and behavioral monitoring can be useful against nation-state hackers and threats like the SolarWinds attacks. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
24 Nov 2020
Weighing remote browser isolation benefits and drawbacks
Remote browser isolation benefits end-user experience and an organization's network security. Compare the pros, cons and cost challenges before investing in the zero-trust approach. Continue Reading
By -
Quiz
05 Oct 2020
Quiz: Network security authentication methods
There are many methods available to authenticate users requesting access to an organization's systems. Test your knowledge with this quiz on authentication in network security. Continue Reading
By- Katie Donegan, Social Media Manager
-
Tip
30 Sep 2020
What are the top secure data transmission methods?
Safe information transfer is a must for modern organizations, but not all secure data transmission methods are equal. Explore your secure data transfer options in this tip. Continue Reading
By- Michael Heller and Chris Apgar
-
Tip
10 Sep 2020
Combination of new, old tech driving remote access security
The massive shift to home-based workforces left IT vulnerable to unexpected threats, but organizations are combining old and new strategies to maintain remote access security. Continue Reading
By- Andrew Froehlich, West Gate Networks
-
News
23 Jul 2020
'Meow' attacks wipe more than 1,000 exposed databases
A new threat has hit more than 1,000 unsecured databases on ElasticSearch, MongoDB and other platforms, destroying data and replacing files with a single word: meow. Continue Reading
By- Arielle Waldman, News Writer
-
News
18 Jun 2020
New Cisco Webex vulnerability exposes authentication tokens
Trustwave SpiderLabs researchers disclosed a vulnerability in Cisco Webex software that leaks information stored in memory, including authentication tokens. Continue Reading
By- Arielle Waldman, News Writer
-
Tip
11 Jun 2020
3 key identity management tips to streamline workflows
Organizations must audit IAM processes to ensure that opportunities to streamline workflows are not missed. Use these identity management tips to get started. Continue Reading
By- Mike Chapple, University of Notre Dame
-
Feature
27 May 2020
Top 3 advantages of smart cards -- and potential disadvantages
As smart card adoption increases, it is prudent to take a closer look at how this technology can improve data security. Here, read more about the benefits of smart cards. Continue Reading
By- Katie Donegan, Social Media Manager
- Joel Snyder, Opus One
-
Tip
29 Apr 2020
SSL certificate best practices for 2020 and beyond
SSL/TLS security is continuously improving, and there are steps site owners should take to ensure the safety of their SSL certificates, websites and users. Read on to learn more. Continue Reading
By -
News
20 Apr 2020
Google unveils BeyondCorp Remote Access as VPN alternative
Google unveiled a new iteration of its zero-trust network offering with BeyondCorp Remote Access, which is designed to help remote workers securely connect to critical web apps. Continue Reading
By- Rob Wright, Senior News Director
-
Feature
29 Jan 2020
How to implement a holistic approach to user data privacy
IoT devices flood the market with promises to make daily life more convenient. Learn how to embrace user consent to benefit your organization and enhance user data privacy. Continue Reading
By- Katie Donegan, Social Media Manager
-
News
13 Dec 2019
RSA teams up with Yubico for passwordless authentication
RSA Security joined forces with Yubico to eliminate passwords within the enterprise. RSA's Jim Ducharme explains what it will take to the reach the 'last mile' of the pursuit. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
02 Dec 2019
Exposed Firebase databases hidden by Google search
A security researcher found that Google's search engine hides results for misconfigured Firebase databases that are publicly accessible on the internet. Continue Reading
By- Rob Wright, Senior News Director
-
News
07 Nov 2019
SSL certificate abuse drives growing number of phishing attacks
Phishing attacks against the United Nations and humanitarian organizations show how threat actors are weaponizing valid SSL certificates and how hard it is to stop the abuse. Continue Reading
By- Alexander Culafi, Senior News Writer
-
News
06 Nov 2019
Firefox bug is enabling attackers to freeze out users
A recently reported bug in Firefox allows spammed authentication dialogs to lock users out of their browsers and it is under attack in the wild, despite previous efforts to patch. Continue Reading
By- Michael Heller, TechTarget
-
Answer
16 Sep 2019
What's the purpose of CAPTCHA technology and how does it work?
Learn about the purpose of CAPTCHA challenges that enable websites to differentiate bots from authentic users to stop spammers from hijacking forums and blog comment sections. Continue Reading
By -
Feature
01 Aug 2019
New tech steers identity and access management evolution
IAM is evolving to incorporate new technologies -- like cloud-based services and containerization -- promising more secure, granular management of access to company IT assets. Continue Reading
By- Alissa Irei, Senior Site Editor
-
Opinion
01 Aug 2019
Is your identity management up to the task?
IAM is an organization's best defense for its weakest link, end users. Make sure you're following the right framework and keeping your tools honed and ready for battle. Continue Reading
By- Ben Cole, Executive Editor
- E-Zine 01 Aug 2019
-
Tip
17 Jul 2019
The benefits of IAM can far outweigh the costs
Identity and access management is a critical piece of enterprise information security. But the benefits of IAM go beyond illuminating who -- and what -- might be using your network. Continue Reading
By- Kevin Beaver, Principle Logic, LLC
-
Feature
06 May 2019
5 common authentication factors to know
Multifactor authentication is a security system that requires two or more authentication steps to verify the user's identity. Discover the most important terms related to MFA. Continue Reading
By- Katie Donegan, Social Media Manager
-
Tip
20 Mar 2019
How automated patch management using SOAR can slash risk
Learn how to use security orchestration, automation and response, also known as SOAR, to ease the hassle of mundane tasks related to patch management. Continue Reading
By- Mike Chapple, University of Notre Dame
-
Tip
20 Mar 2019
Automating incident response with security orchestration
Security orchestration, automation and response technology is now seen as a key aid to security pros attempting to thwart an onslaught of cyberattacks. Continue Reading
By- Mike Chapple, University of Notre Dame
-
Tip
20 Mar 2019
Plugging the cybersecurity skills gap with security automation
Security automation and response promises to help alleviate the shortage of qualified cybersecurity pros. Learn how SOAR helps security teams work smarter, not harder. Continue Reading
By- Mike Chapple, University of Notre Dame
-
News
05 Mar 2019
Container security tools turn heads with expansion to hosts
Vendors that sell container security tools now face off against traditional security tool providers, as both vie for the attention of IT pros who look to fortify their cloud-native infrastructure. Continue Reading
By- Beth Pariseau, Senior News Writer
-
News
28 Feb 2019
Cisco patches persistent Webex vulnerability for a third time
After two previous attempts, Cisco has issued a third patch for a persistent flaw in its Webex platform, which allows privilege escalation attacks on systems running the software. Continue Reading
By- Rob Wright, Senior News Director
-
Tip
28 Jan 2019
The evolution of the Let's Encrypt certificate authority
Certificate authorities work differently since the open source Let's Encrypt project went into effect. Expert Fernando Gont explains how both CAs and Let's Encrypt operate. Continue Reading
By- Fernando Gont, SI6 Networks
-
Feature
23 Jan 2019
Three examples of multifactor authentication use cases
When evaluating the business case for multifactor authentication, an organization must first identify how these three operational scenarios apply to a potential implementation. Continue Reading
By -
Feature
23 Jan 2019
Purchasing multifactor authentication tools: What to consider
Find out what you need to know before investing in a multifactor authentication tool, including the drawbacks and the benefits. Continue Reading
By -
Tip
15 Jan 2019
Updating TLS? Use cryptographic entropy for more secure keys
Cryptographic entropy is necessary to secure session encryption keys in TLS 1.2, but RSA key transport is not supported in TLS 1.3. Discover the causes for concern with Judith Myerson. Continue Reading
-
Answer
14 Jan 2019
How can an authentication bypass vulnerability be exploited?
A vulnerability was found in Western Digital's My Cloud NAS device that can be easily exploited by hackers. Discover what this vulnerability is and how users can be protected. Continue Reading
-
Tip
17 Dec 2018
For effective customer IAM, bundle security and performance
CIAM can verify identity, manage access and deliver a smooth experience for customers. Get an expert's insights on how to tackle customer IAM now. Continue Reading
By- Johna Till Johnson, Nemertes Research
-
News
13 Dec 2018
Project Zero finds Logitech Options app critically flawed
Tavis Ormandy of Google's Project Zero discovered a serious authentication vulnerability in Logitech's Options application, but the peripheral device maker has yet to address the flaw. Continue Reading
By -
Tip
30 Oct 2018
Enterprises should reconsider SMS-based 2FA use after breach
A Reddit breach was triggered by threat actors intercepting SMS messages used to authenticate employees to access sensitive data. Learn why enterprises should reconsider SMS for 2FA. Continue Reading
By -
Answer
19 Sep 2018
WPA3 protocol: Should enterprises implement the changes?
The Wi-Fi Alliance released the updated WPA3 protocol, adding security enhancements to the Wi-Fi access process. Learn why enterprises should update with Judith Myerson. Continue Reading
-
News
03 Aug 2018
Reddit breach sparks debate over SMS 2FA
Using two-factor authentication with one-time passwords sent via SMS has come under question again after a Reddit breach was blamed on the faulty 2FA method. Continue Reading
By- Michael Heller, TechTarget
-
Answer
13 Jul 2018
Drupalgeddon 2.0: Why is this vulnerability highly critical?
A recently discovered Drupal vulnerability in its open source CMS allowed attackers to control websites. Learn how almost one million sites were affected with Michael Cobb. Continue Reading
By -
Podcast
06 Jul 2018
Risk & Repeat: Is AI-driven identity management the future?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss Identiverse 2018 and how artificial intelligence is being applied to identity and access management. Continue Reading
By- Rob Wright, Senior News Director
-
News
28 Jun 2018
New types of authentication take root across the enterprise
At Identiverse 2018, speakers and attendees expect a rise in two-factor authentication, as the single sign-on user password authentication falls out of favor. Continue Reading
By- John Powers, Senior Site Editor
-
Answer
28 Jun 2018
How can a text editor plug-in enable privilege escalation?
Developers use text editors to enhance efficiency in the workplace even though they require vulnerable third-party plug-ins. Discover these vulnerabilities with Judith Myerson. Continue Reading
-
News
26 Jun 2018
Ping adds AI-driven API protection with Elastic Beam acquisition
Ping Identity increased its focus on API security with the acquisition of Elastic Beam, a startup that uses artificial intelligence to apply behavioral security on enterprise APIs. Continue Reading
By- Rob Wright, Senior News Director
-
Answer
04 May 2018
How will the new WPA3 protocol strengthen password security?
The development of WPA3 helps advance Wi-Fi protocol, as the next generation of Wi-Fi-enabled devices begins to demand more. Expert Michael Cobb explains how it differs from WPA2. Continue Reading
By -
News
24 Apr 2018
Akamai touts network perimeter security shifts, zero-trust model
As network perimeter security grows less practical, Akamai talks at RSA Conference about moving beyond firewalls to improve authentication with a zero-trust model. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
Answer
12 Apr 2018
Will biometric authentication systems replace passwords?
Biometric authentication systems have gained traction on mobile devices, but when will they become dominant within the enterprise? Expert Bianca Lopes weighs in on the topic. Continue Reading
By- Rob Wright, Senior News Director
-
News
10 Apr 2018
WebAuthn API gets standards nod from W3C, FIDO Alliance
W3C and the FIDO Alliance have given websites a new tool for doing FIDO-compliant authentication, as the WebAuthn authentication protocol is promoted to W3C Candidate Recommendation. Continue Reading
By- Peter Loshin, Former Senior Technology Editor
-
News
07 Feb 2018
Grammarly vulnerability exposed user documents
A Grammarly vulnerability in its browser extension authentication could have exposed users' sensitive documents if the popular spelling and grammar checker were left unpatched. Continue Reading
By- Madelyn Bacon, TechTarget
-
Answer
26 Jan 2018
How does credential stuffing enable account takeover attacks?
Credential stuffing activity is outpacing the growth of other cyberattacks and enabling account takeover attacks. Akamai Technologies' Patrick Sullivan explains the threat. Continue Reading
By- Patrick Sullivan
-
Answer
17 Jan 2018
Confused deputy: How did the vulnerability affect Slack?
A major SAML vulnerability was found in Slack that granted expired login credentials permission into the system. Matt Pascucci explains how this 'confused deputy' problem was handled. Continue Reading
-
Answer
15 Jan 2018
Canvas fingerprinting: How does it compromise security?
Mozilla recently decided to pull the HTML canvas element from the Firefox browser. Learn from expert Matt Pascucci what this means for the security and privacy of users. Continue Reading
-
Answer
08 Dec 2017
LDAP injection: How was it exploited in a Joomla attack?
After eight years, Joomla discovered an LDAP vulnerability that could be exploited by threat actors. Learn how the attack works from expert Matt Pascucci. Continue Reading
-
Tip
07 Dec 2017
How machine learning-powered password guessing impacts security
A new password guessing technique takes advantage of machine learning technologies. Expert Michael Cobb discusses how much of a threat this is to enterprise security. Continue Reading
By -
Tip
08 Nov 2017
Learn how to identify and prevent access control attacks
Once an attacker has gained entry to a network, the consequences can be severe. Find out how the right access control tools can help prevent that from happening. Continue Reading
By -
Answer
26 Oct 2017
Google Docs phishing attack: How does it work?
A Google Docs phishing attack used OAuth tokens to affect more than a million Gmail users. Nick Lewis explains how it happened, and how to defend against such an attack. Continue Reading
By -
Tip
17 Aug 2017
Common web application login security weaknesses and how to fix them
Flawed web application login security can leave an enterprise vulnerable to attacks. Expert Kevin Beaver reviews the most common mistakes and how to fix them. Continue Reading
By- Kevin Beaver, Principle Logic, LLC
-
Answer
09 Aug 2017
What tools can bypass Google's CAPTCHA challenges?
The ReBreakCaptcha exploit can bypass Google's reCAPTCHA verification system using flaws in Google's own API. Expert Michael Cobb explains how the attack works. Continue Reading
By -
Podcast
12 Jul 2017
Risk & Repeat: Should IAM systems be run by machine learning?
In this week's Risk & Repeat podcast, SearchSecurity editors discuss the identity and access management industry and how machine learning algorithms could govern IAM systems. Continue Reading
By- Rob Wright, Senior News Director
-
Feature
12 Jul 2017
Q&A: Ping CEO on contextual authentication, intelligent identity
Ping Identity CEO Andre Durand talks with SearchSecurity about the data-driven move toward contextual authentication and intelligent identity and what this means for enterprises. Continue Reading
By- Rob Wright, Senior News Director
-
Answer
07 Jun 2017
How does Facebook's Delegated Recovery enable account verification?
Facebook's Delegated Recovery aims to replace knowledge-based authentication with third-party account verification. Expert Michael Cobb explains how this protocol works. Continue Reading
By -
Feature
18 May 2017
Okta Adaptive MFA gives companies flexible authentication
Okta Adaptive MFA offers businesses a range of flexible authentication methods that use different contexts to determine which factors provide users with access. Continue Reading
By -
Feature
15 May 2017
Summing up Symantec VIP Service, a multifactor authentication tool
Expert David Strom looks at the Symantec VIP multifactor authentication product and how it can benefit enterprise security. Continue Reading
By -
Feature
15 May 2017
An in-depth look at Gemalto's SafeNet Authentication Service
Expert David Strom provides an in-depth look at Gemalto's SafeNet Authentication Service, a SaaS-based multifactor authentication product for boosting login security. Continue Reading
By -
Answer
12 May 2017
How did a Slack vulnerability expose user authentication tokens?
A Slack vulnerability exposed user authentication tokens and enabled hackers to access private data. Expert Matthew Pascucci explains how and why this hack was successful. Continue Reading
-
Feature
11 May 2017
SecureAuth IdP: An overview of its multifactor authentication ability
Expert David Strom looks at how SecureAuth IdP uniquely combines multifactor authentication and single sign-on login capabilities in a single product. Continue Reading
By -
Feature
10 May 2017
VASCO IDENTIKEY Authentication Server and a look at its key features
Expert David Strom takes a closer look at VASCO's IDENTIKEY Authentication Server, one of the leading multifactor authentication products on the market. Continue Reading
By -
Feature
05 May 2017
Quest Defender protects businesses with two-factor authentication
Through the Defender Management Portal, Quest Defender lets users request hard and soft tokens to provide valuable two-factor authentication and monitor all token activity. Continue Reading
By -
Guide
11 Apr 2017
How to deal with Identity and access management systems
An identity and access management system is increasingly essential to corporate security, but technological advances have made managing an IAM more complex than ever. Continue Reading
-
Answer
27 Mar 2017
How do identity governance and access management systems differ?
Identity governance and access management systems overlap naturally, but they are still distinct. Expert Matthew Pascucci explains the difference between these two aspects of IAM. Continue Reading
-
Tip
06 Mar 2017
Why authorization management is paramount for cybersecurity readiness
After enterprise identities are authenticated, an authorization management system should monitor how resources are being used. Expert Peter Sullivan explains how it can work. Continue Reading
-
Buyer's Guide
13 May 2015
Multifactor authentication: A buyer's guide to MFA products
In this SearchSecurity buyer's guide, learn how to evaluate and procure the right multifactor authentication product for your organization. Continue Reading