access control
Data privacy vault: Securing sensitive data while navigating regulatory demands
In this Help Net Security interview, Jean-Charles Chemin, CEO of Legapass, provides insight into the correlation between maintaining customer trust and protecting sensitive …
5 steps to building NSA-level access control for your app
Access control has become a main concern when it comes to developing secure web applications, and the NSA has a lot to say about it. Especially when it comes to the biggest …
A common user mistake can lead to compromised Okta login credentials
Logged failed logins into a company’s Okta domain could be used by threat actors to discover access credentials of valid accounts, Mitiga researchers have found. Those …
Vulnerabilities in Cisco Identity Services Engine require your attention (CVE-2022-20822, CVE-2022-20959)
Cisco has published a heads-up for admins of Cisco Identity Services Engine solutions, about two vulnerabilities (CVE-2022-20822, CVE-2022-20959) that could be exploited to …
Purpose-based access control: Putting data access requests into context
Access control is the heart of data protection. Striking the right balance between easy access and tight security isn’t easy, but getting it right is how you maintain business …
There is no secure critical infrastructure without identity-based access
Organizational security strategy has long been defined by an internal perimeter enclosing all a company’s information in a single secure location. Designed to keep external …
How complicated access management protocols have impacted cloud security
During AWS re:Inforce, Amazon executives emphasized how important access control is when it comes to cloud security and why IT leaders need to ask who has access to what and …
Despite known security issues, VPN usage continues to thrive
VPN usage is still prevalent among 90% of security teams who have highlighted cost, time, and difficulty as reasons to not move forward with ZTNA adoption, according to a new …
Elevation of Privilege is the #1 Microsoft vulnerability category
BeyondTrust announced the release of a report which includes the latest annual breakdown of Microsoft vulnerabilities by category and product, as well as a six-year trend …
3 key elements to protect a Kubernetes cluster
Kubernetes changed how we structure, deploy, and run our applications and became a de-facto standard for running infrastructure at scale. With the rapid adoption of …
Manage and monitor third-party identities to protect your organization
SecZetta shared a research that demonstrates a clear misalignment between the strategies organizations currently use and what is actually required to protect them from …
4 steps for building an orchestrated authorization policy for zero trust
There is a great deal of emphasis placed on the zero-trust approach with respect to access. Looking beyond authentication (the act of verifying that someone is who they say …