security

Build vs. Buy: The Value of MFA Implementation Through APIs and SDKs

Developers need to make their cloud-native applications secure, which can demand a lot of resources and take their focus off the core functionality of an app. But building security into an app doesn’t need to be challenging or time-consuming. Leveraging APIs and SDKs means developers can strengthen an app while actually reducing their workload. By…

Implement MFA on Your Custom Apps and Websites, Then Brag about It (While You Still Can!)

TL;DR: Multi-Factor Authentication (MFA) is going mainstream(!). U2F keys (a.k.a., hardware tokens) are standing out as a great option for your customers. Add U2F support to your website while you can still brag about it.... Plus, it's quick and easy! Multi-Factor Authentication (MFA) is becoming mainstream. Until recently, MFA was only used to…

Learn to Integrate Okta and Oracle Weblogic with the LDAP Interface

Okta integrates everything—including Oracle WebLogic Server. In this post, I'll show you how to use the LDAP interface to integrate Okta with WebLogic. When WLS and Okta work together Before we start: legacy app patterns Recently, we announced Integration Patterns for Legacy Applications, an eBook describing design patterns you can use to…

How Okta secures your Java EE Application Server (without reinventing the wheel)

Today’s post gives an overview of how Okta integrates with Java EE Application Servers to protect your Java infrastructure. This includes: Oracle WebLogic IBM WebSphere Red Hat JBoss Glassfish I also cover improving end-user experience and security with Single Sign-On (SSO) and Adaptive Multi-Factor Authentication (MFA), and how to simplify…

A Tool to Strengthen Your Password Manager

Password managers, such as Okta Browser Plugin can defend against phishing attacks. However, to prevent the compromise of passwords, password managers need to be hardened against attacks that confuse them into misidentifying websites. To help achieve this, the Okta Research and Exploitation team (REX) has created a tool, hack_url_re, to…

The Battle Between Build vs. Buy

Every development team must decide which components to build in-house and which to offload to a 3rd party vendor. This decision is often difficult and hotly debated. After all, most developers chose this career in order to build cool things! Choosing to relinquish that control to buy a solution can seem contrary to their raison d’etre. But…

The Evolution of Zero Trust: Next Gen Access

The Zero Trust security framework was first developed by John Kindervag in 2009 while he was at Forrester Research. Zero Trust challenged the traditional security model of a firewall forming a perimeter between a trusted internal network and an untrusted external one. This security approach breaks down if a threat actor is able to penetrate that…

On-Premises Apps and Remote Workers: How to Secure a Hybrid IT Environment

While many organizations are moving to the cloud, the reality is this: most use a hybrid environment, and many of their on-premises components aren’t going anywhere soon. Examples of such hybrid components include virtual private networks (VPNs) and/or virtual desktop infrastructures (VDIs), which enable remote access to company resources…

Mitigate Risks with Modern Password Recovery Systems

The ability to reset your password is an essential system requirement. With so many online services available, it’s common to have multiple user accounts for the various apps and services you interact with every day. Security doctrine dictates that you need a different password for each account, and that you update each one regularly. With so many…

Are You Prepared to Secure Your Millennial Workforce?

If you do a little research to try and define millennials by date or age range, you will find many competing definitions. Some measure this generational category from the mid-1970s to 2000, others state 1996 is the end date, and few only consider someone to be a millennial if they were born after the mid-1980s. However, the one underlying…

security

Tags

Archive