identity
Cross-IdP impersonation bypasses SSO protections
Cross-IdP impersonation – a technique that enables attackers to hijack the single sign-on (SSO) process to gain unauthorized access to downstream software-as-a-service …
What 2025 holds for user identity protection
In this Help Net Security video, David Cottingham, President of rf IDEAS, discusses what he sees as the most prominent areas for improvement and continued change in the space: …
The changing face of identity security
It’s easy to see why identity security is often synonymous with user security. Social engineering tactics are the mainstay of the threat actor’s arsenal, and it’s rare to find …
Apple’s 45-day certificate proposal: A call to action
In a bold move, Apple has published a draft ballot for commentary to GitHub to shorten Transport Layer Security (TLS) certificates down from 398 days to just 45 days by 2027. …
Identity-related data breaches cost more than average incidents
Identity-related data breaches are more severe and costly than run-of-the-mill incidents, according to RSA. 40% of respondents reported an identity-related security breach. Of …
Simplifying decentralized identity systems for everyday use
In this Help Net Security interview, Carla Roncato, VP of Identity at WatchGuard Technologies, discusses how companies can balance privacy, security, and usability in digital …
Unlocking the value of AI-powered identity security
While most organizations are still in the early horizons of their identity security journey, those who achieve maturity are seeing disproportionately higher returns for every …
The role of self-sovereign identity in enterprises
As personal data becomes increasingly commodified and centralized, the need for individuals to reclaim control over their identities has never been more urgent. Meanwhile, …
Securing non-human identities: Why fragmented strategies fail
In this Help Net Security interview, John Yeoh, Global VP of Research at CSA, discusses the growing security challenges posed by non-human identities (NHIs). With NHIs now …
Organizations are making email more secure, and it’s paying off
Compromised identities have been a central component of countless costly breaches this year, according to Red Canary. Rise in identity and cloud-native attacks While most of …
Rising identity security risks: Why organizations must act now
As the priority for managing digital identities intensifies, organizations are encountering severe identity security risks. Recent findings indicate that many businesses are …
Gateways to havoc: Overprivileged dormant service accounts
Service accounts are non-human identities used to automate machine-to-machine interactions. They support critical functions – such as running scripts, services, and …