security

5 Ways to Continuously Mitigate Risk at Your Organization

We’re living in a landscape where risks are prolific, diverse, and often unanticipated. Organizations are under immense pressure to implement strong security measures and avoid cyber attacks from highly specialized threat actors looking to capitalize on the smallest oversight. In this post, we’ll look at some strategies you can leverage to manage…

How to Use Feedback Loops to Find the Gaps in your Security Strategy

Organizations are under ever-greater pressure to leverage new app technologies to drive competitive advantage and growth. Yet these ambitious plans all come crashing down if they can’t guarantee that modern IT systems are built on a secure foundation. Security analytics that incorporate data from access control systems are a crucial tool in the…

4 Tools to Keep in your Risk-Assessment Toolbox

As more companies move to support cloud-based environments to work with better mobility and flexibility, their number of vulnerability points also increase. A thriving underground economy that trades in hacking tools, cyber crime services, stolen data, and credentials is estimated to be worth $600 billion annually—that’s more than the film, gaming…

The Ultimate Authentication Playbook

With the rise of of credential stuffing and similar attack methods, simple username and password authentication is not enough to deter bad actors. According to the Verizon Data Breach Investigations Report, there were over 55,000 security incidents and 2,200 confirmed data breaches in 2018, with a whopping 81% of those incidents being tied to…

3 Ways to Stop Account Takeovers Before They Begin

To put it bluntly, 2018 was a bad year for data security. Major consumer-facing corporations like Marriott and Facebook experienced some of the largest data breaches in history, exposing the data of millions of consumers. In total, 2018 saw an overall increase in compromised company records of 133% YoY, with an average of 291 records stolen every…

One-Minute Webinar: Zero Trust in Practice

Too busy to watch the Zero Trust in Practice webinar? Don’t worry—we’ve got you covered. There’s a lot of hype around Zero Trust security, but it’s proving to be more than just theory. Trust used to be a binary decision determined by the network, but as organizations move to mobile and cloud based services, the perimeter as we knew it has…

Investigating Modlishka Credential Attacks: Old Dog, New Tricks

You may have heard about a new phishing tool called Modlishka, and have questions about its potential impact on multi-factor authentication or single sign-on. To be clear, Modlishka is not a vulnerability in MFA or SSO. Rather, it is an automation tool designed to make it easier for attackers to phish your employees. In this post, I will outline…

Build vs. Buy: The Value of MFA Implementation Through APIs and SDKs

Developers need to make their cloud-native applications secure, which can demand a lot of resources and take their focus off the core functionality of an app. But building security into an app doesn’t need to be challenging or time-consuming. Leveraging APIs and SDKs means developers can strengthen an app while actually reducing their workload. By…

Learn to Integrate Okta and Oracle Weblogic with the LDAP Interface

Okta integrates everything—including Oracle WebLogic Server. In this post, I'll show you how to use the LDAP interface to integrate Okta with WebLogic.   When WLS and Okta work together Before we start: legacy app patterns Recently, we announced Integration Patterns for Legacy Applications, an eBook describing design patterns you can use to…

Archive