Identity 101 Index
Authentication
- Defining Certificate Authority and How It Works
- Multi-factor Authentication + VPN = Secure and Private
- Why Multi-Factor Authentication is Everywhere
- What is Strong Authentication? We Rank 6 Security Factors
- Should You Choose U2F or Adaptive MFA?
- Which Industries Require Two-Factor Authentication?
- Authentication vs Authorization
- What Is a Security Token (or Authentication Token) and How Does It Work?
- What to Look for in a Risk-Based Authentication Solution
- What is the Most Secure Authentication Method for Your Organization?
- Biometrics: Secure Authentication in the Modern Age
- What’s the Difference Between OAuth, OpenID Connect, and SAML?
- Take Your Security to the Next Level with Context-Based Authentication
- What Is Token-Based Authentication and Who Uses It?
- SAML vs. OAuth: Comparison and Differences
- Universal 2nd Factor (U2F): History, Evolution, Advantages
- Web Authentication: How Is Web API Basic Authentication Used?
- PEAP (Protected Extensible Authentication Protocol)
- CAPTCHA: Meaning, Types & How They Work
- Authentication Server: Definition, Architecture & Operations
- Understanding Adaptive Authentication and How It Works
- Authentication Protocols 101: Definition, Types, and When to Use
- How Does Facial Recognition Work and Is It Secure?
- Authentication: Definition, Methods, Importance, and Processes
- What Is Passwordless Authentication & How Does It Work?
- WiFi Authentication Errors and Methods to Solve Them
- Cross Site Tracking: Defining Browser Tracking and Prevention
- Voice Passwords: Definition, Security & How They Work
- Dual Authentication: A Necessary Extra Layer of Security
- Identification & Authentication: Similarities & Differences
- Password Authentication Protocol (PAP) Security Explained
- Strong Customer Authentication (SCA): History & Compliance
- Central Authentication Service (CAS) Protocol Explained
AD/Active Directory
- Tips to Better Leverage Your Active Directory
- Single Sign-On: The Difference Between ADFS vs. LDAP
- How Okta Helps Automate User Provisioning for Active Directory
- LDAP vs. Active Directory: What's the Difference
Customer Identity and Access Management (CIAM)
- Defining Data Profiling: Processes and Usage
- Defining Customer Identity & Access Management (CIAM)
- How CIAM Solutions Help Protect Your Customers’ Data
Digital Transformation
- What Is the Cloud? Defining Remote Internet Infrastructures
- How Legacy Apps Are Moving to the Cloud: Office 365
- What Is Hybrid Cloud Architecture and How Can We Use It?
- What Is Cloud Native Architecture: A Guide
- Arriving at a Hybrid IT Definition
- How To Plan a Successful Cloud Migration Strategy
- What Is SaaS? Defining Software as a Service
- The Rising Importance of Identity Proofing
- Behavioral Biometrics: Types, Technology & Industries
- Biometric Passport: Security, Data Protection & How They Work
- Understanding Digital Identity & How It Works
- Cross Site Tracking: Defining Browser Tracking and Prevention
- Age Verification System: Definition, Processes, and Usage
- 10 Signs of Identity Theft to Watch Out For
- Multi-Tenancy Cloud: Definition, Security & Benefits
- Okta – Defining Cloud Computing: Systems, Architecture, and Uses
Identity and Access Management (IAM)
- Identity Verification Defined and How Does It Work
- User Access Management Basics
- An Overview of Identity and Access Management (IAM)
- What is IDaaS? Understanding Identity as a Service and Its Applications
- Privacy, Security, Efficiency: The Benefits of a Cloud Identity Provider
- Setting Up IAM: Managing Permissions to Ensure Compliance
- How Identity and Access Management Quietly Powers Your Company
- How to Start Investing in Identity and Access Management
- What Is Identity Management and Access Control?
- The Importance of Centralized Identity Management
- The Changing Landscape of Enterprise Identity Management
- 4 Key Things You Should Know About Access Governance
- Access Token: Definition, Architecture, Usage & More
- What Is Access Control & How Crucial Is It to Cybersecurity?
- What Is Authorization? Definition & Comparison with Access Control
- Synthetic Identity Theft: Definition, Damages & Defense
- Fraud Monitoring: Definition, Importance & Defenses
- Fraud Prevention: Definition & How It Works
- Fake Identities: Damages, Data, and Defense
- Fake Employment Verification: Techniques & Defenses
- Extended Access Control List 101: Access & Privilege
- Entitlement Management Identity Governance Explained
- Digital Onboarding: Definition, Benefits & How It Works
- Digital Rights Management (DRM): Access Control Tech Defined
- Fingerprint Biometrics: Definition & How Secure It Is
- API Management: Publishing, Policies, and Access Control
- Defining PII (Personally Identifiable Information)
- Information Classification: Definition & Internal Development
- Digital Signatures: What They Are & How They Work
- Understanding the Process of Identity Authentication
- What Is Identity Theft? Definition & Examples
- Customer Due Diligence (CDD) Process Defined
- Access Control List: Definition, Types & Usages
- What Is an SDK? Software Development Kits Explained
- Bring Your Own Device (BYOD) Policy Best Practices
- Self-Sovereign Identity (SSI): Autonomous Identity Management
- Principle of Least Privilege: Definition, Methods & Examples
- LEI (Legal Entity Identifier): Creation, Usage & Benefits
- The KYC Verification Process: 3 Steps to Compliance
- Medical Identity Theft: Defense & Prevention Measures
- KYC (Know Your Customer) Definition, Guidelines & Regulations
- Identity Theft Protection: How It Works & Do You Need It?
IT Management
- MAN: Definition & How It Compares to a LAN
- Time to Live (TTL): Meaning, Purpose & Usage
- Data in Motion: How to Protect Information in Transit
- Understanding Proxy Servers and How They Work
- What is PCI? Understanding the Importance of PCI Compliance
- Understanding Traffic Bots & How to Stop Them
- Bad Gateway Errors: Why They Happen and 5 Solutions
- What is a Network Access Server?
- Why Your Company Needs an Identity Provider
- How Identity Governance Protects Your Business
- ICMP Protocol (Internet Control Message Protocol): A Guide
- HMAC (Hash-Based Message Authentication Codes) Definition
- IDS vs. IPS: Definitions, Comparisons & Why You Need Both
- HTTP Error 431: Definition, Status, Causes & Solutions
- SD-Wan: Defining a Software-Defined Wide Area Network
- What Is Cached Data? Why & How Should You Clear It?
- HLS Streaming: Definition, Usage, Pros & Cons
- What Is 1.1.1.1 & Does It Really Make Your Internet Safer?
- What Is BaaS (Backend as a Service)? Definition and Usage
- Black-Box Testing: Definition, Types & Techniques
- What Is Edge Computing & Why Does it Matter?
- Fault Tolerance: Definition, Testing & Importance
- Generic Routing Encapsulation (GRE) Tunnel Defined
- Low Orbit Ion Cannon (LOIC): Definition, Damage & Defense
- Origin Servers: Definition, Usage & Edge Server Comparison
- OSI Layers: Understanding the OSI Model & Its 7 Layers
- HTTP vs. HTTPS: Definition, Comparison & Security Implications
- What Is MTU (Maximum Transmission Unit)?
- MX Record: Definition, Usage & Protections
- PAN (Personal Area Network) Definition & Overview
- What Is Round Trip Time? Overview, Formula & Usage
- Serverless Computing: Uses, Advantages, and Disadvantages
- Reverse Proxy: What Is a Reverse Proxy and Why Use One?
- What Is Latency? Definition, Impact & How to Reduce
- Correlation ID: Definition, Functionality and Uses
- Virtual Hosting: Types, Architecture, Uses & Benefits
- Server Name Indication (SNI): Definition & Usage
- Web Application Firewall: Definition, Usage & Necessity
- Warrant Canary: Definition, Evolution & Impacts
- DNS Over HTTPS: Remote DNS Resolutions by HTTPS Protocol
- SPF Record Checks: How to Check SPF Records and Why You Should
- SMS Gateway: Definition, Uses, and How They Work
- Anonymous IP Browsing: Types, Risks, and Detection
- Ping Trace Techniques for Network Connectivity Troubleshooting
- SSL Offloading 101: Definition, Processes & Objectives
- Internal IP Address Defined: Purpose & Uses
- Augmented Intelligence (AI): The Future of Cognitive Security
- What Is a Systems Administrator & What Do They Do?
- GDPR Compliant
- What Is a Digital Certificate? Definition & Examples
- What Is Middleware? Definition, Guide & Examples
- What Is a Virtual Machine? Definition & Guide
- What Does a CISO (Chief Information Security Officer) Do?
Lifecycle Management
- Scale Securely: Establishing Universal Directory Policies
- Understanding Lifecycle Management and Regulatory Compliance
- Managing the User Lifecycle: Device Provisioning Made Easy
- What Is Role-Based Access Control (RBAC)?
- Role-Based Access Control vs Attribute Based Access Control
Single Sign-on (SSO)
- What to Look for When Choosing a Single Sign-On Solution
- How to Choose Your SSO Strategy
- Build a Strategy for Password Management
- Federated Identity Management vs. Single Sign-On: What’s the Difference?
- What Is Federated Identity?
Security
- Man-in-the-Browser Attack (MITB): Definition & Defense
- Wannacry Ransomware Attack: Definition, Damage & Defense
- Network Access Control (NAC): Securing Networks by Device
- Cybersecurity Work From Home Tips for Businesses and Employees
- Zoom Vulnerability: Definition & Defense Techniques
- Data Transfer Object DTO Definition and Usage
- Remote Desktop Services (RDS): Security Benefits and Uses
- What Is a Fork Bomb? Definition, Code, Prevention & Removal
- Aphanumeric Characters and Alphanumeric Password Requirements
- What Is a Spam Bot? Definition & Defenses
- What Is a Teardrop Attack? Definition, Damage & Defense
- What Is a DNS PTR Record & What Is It Used For?
- The PlusToken Cryptocurrency Scheme: Architecture and Exposure
- Address Resolution Protocol (ARP): What It Is and How It Works
- Password Entropy: The Value of Unpredictable Passwords
- SSL Handshake (TLS Handshake) Explained
- What Is a DNS SOA Record & What Is It Used For?
- 3 Common Mistakes That Lead to a Security Breach
- Building Zero Trust Networks: Securing the Perimeter
- How to Set Up Privileged Access Management
- What Is Corporate Account Takeover and How Do We Prevent It?
- Why Is Cloud Security So Important?
- Reducing Your Attack Surface: A Guide
- What Is Least Privilege Access—and Why Do You Need It?
- What is an Attack Surface? (And How to Reduce It)
- Scareware: Definition, Identification & Prevention
- What Is a VPN & How Does It Work?
- Hashing vs. Encryption: Definitions & Differences
- What Is LDAP & How Does It Work?
- DMZ Network: What Is a DMZ & How Does It Work?
- DNS Poisoning (DNS Spoofing): Definition, Technique & Defense
- Asymmetric Encryption: Definition, Architecture, Usage
- ARP Poisoning: Definition, Techniques, Defense & Prevention
- Credential Stuffing: Definition, Techniques & Defense
- Public Key Encryption: What Is Public Cryptography?
- Security as a Service (SECaaS): Advantages & Services
- Ransomware Defined: How Does It Work & How to Prevent It
- IP Spoofing Unraveled: What It Is & How to Prevent It
- Penetration Testing: What Is It & Why Is Pentesting Required?
- Password Encryption: How Do Password Encryption Methods Work?
- Intrusion Prevention System: What Is An IPS? How Do They Work?
- Tokenization Explained: What Is Tokenization & Why Use It?
- RSA Encryption: Definition, Architecture, Benefits & Use
- Hashing Algorithm Overview: Types, Methodologies & Usage
- PGP: Defining Pretty Good Privacy & How PGP Encryption Works
- Cyber Kill Chain Defined: A Review of Cyber Kill Chain Steps
- Macro Virus: Definition, Operation, Prevention & Removal
- Steganography: What Is It and How Does Steganography Work?
- Advanced Persistent Threat: Definition, Lifecycle, and Defense
- What Is Application Security & Why Is It Essential?
- Firewall: Definition, How They Work and Why You Need One
- CSRF Attack: Cross-Site Request Forgery Definition & Defense
- Security Information & Event Management (SIEM) 101
- Defining Buffer Overflow Attacks & How to Defend Against Them
- Clickjacking: Definition, Defense & Prevention
- Data Exfiltration: Definition, Damage & Defense
- Data Integrity: Definition, Importance & Security Impacts
- DDoS Attack 101: Definition, Techniques, Risks & Prevention
- What Is Deep Packet Inspection (DPI)? Definition & Usage
- Disaster Recovery: Planning, Strategies, Types & Procedures
- Defining DLP (Data Loss Prevention) & Exploring How it Works
- Emotet Malware: Definition, Damage, Defense & Prevention
- Evil Twin Attack: Fake WiFi Access Point Vulnerabilities
- Insider Threat: Definition, Prevention & Defense
- Defining Intrusion Detection Systems & How IDS Monitors Work
- Malvertising: Definition, Techniques & Defense
- What Is the Ping of Death (PoD)? Definition, Damage & Defense
- What Is the Morris Worm? History and Modern Impact
- What Is MyDoom Malware? History, How It Works & Defense
- RC4 Encryption Algorithm Stream Ciphers Defined
- Defining SYN Flood DDoS Attacks: Definition, Damage & Defense
- Stream Cipher 101: Definition, Usage & Comparisons
- RAT (Remote Access Trojan) Software Attacks Defined
- SASE: Secure Access Service Edge Defined
- Brute Force Attack: Preventing Trial-and-Error Logins
- Arbitrary Code Execution (ACE): Definition & Defense
- Cloud Computing Security: Your Comprehensive Guide
- Google Hacking (Google Dorking): Definition & Techniques
- Defining Hping Packet Generator as a Security Tool
- Fraggle Attack: Definition, Damage, Defense & vs. Smurf
- Network Vulnerabilities 101: Types and Prevention Methods
- Elliptic Curve Digital Signature Algorithm (ECDSA) Defined
- One-Way Hash Function: Dynamic Algorithms
- Password vs. Passphrase: Differences Defined & Which Is Better?
- Honeypots: Definition & Role in Cybersecurity Testing
- Social Engineering Attacks: Definition, Methods & Prevention
- What Is a Keylogger and How Can You Protect Yourself From One?
- Script Kiddies and Skiddies: Identifying Unskilled Hackers
- Attack Vector Paths: Definition, Common Exploits, and Protection
- What Is Cybersecurity? Definition, Threats & More
- What Is Cryptography? Definition & How It Works
- Slowloris DDoS Attack: Definition, Damage & Defense
- What Is a Smurf Attack? Definition & Defense
- SQL Injection: Definition, Damage & Defense
- IP Stresser (IP Booter) Definition & Uses
- WiFi Pineapple Definition & Pineapple Router Uses
- What Is a Honeynet? Definition, Usage & the Honeynet Project
- Mirai Botnet Malware: Definition, Impacts & Evolution
- Defining & Understanding the MITRE ATT&CK Framework
- Server-Side Request Forgery (SSRF): Definition & Defense
- Session Hijacking Attack: Definition, Damage & Defense
- Threat Intelligence 101: Mechanisms & Implications
- What Is Transport Layer Security & How Does It Work?
- Data Privacy: Regulations, Tips, and Compliance
- 6 Password Hacker Tools and Protecting Against Them
- Understanding the Metasploit Project and Why It's Useful
- Malicious Code: Types, Dangers, and Defenses
- Security Hacker: History, Types, Exploits, and Benefits
- Cybersecurity Work From Home Guide for Employers and Employees
- XSS Vulnerability 101: Identify and Stop Cross-Site Scripting
- Security Through Obscurity (STO): History, Criticism & Risks
- Privacy vs. Security: Exploring the Differences & Relationship
- Rooted Devices: Definition, Benefits & Security Risks
- Sniffing Attack: Definition, Defense & Prevention
- Bot Management Definition, Strategies & Best Practices
- Account Takeover Fraud: Definition and Defenses
- How Secure Is a VPN & Should You Still Use One?
- Secrets Management: Tools & Methods for Authentication
- WPA3 Security: Benefits, Vulnerabilities & Comparison to WPA2
- Coronavirus Malware: Cyber Threats Rising
- Cyber Hygiene: Definition & Best Practices
- DLL Hijacking Definition Tutorial & Prevention
- Tactics to Avoid Password Leaks
- RFID Blocking: Definition, How It Works & Why You Need It
- Secure Remote Access: Technology, Policies & Usage
- Video Verification: Definition, Technology, Risks & Benefits
- Ethical Hacking: What It Is & Examples
- End-to-End Encryption (E2EE): Definition & Examples
- What Is GPS Spoofing & How Do You Defend Against It?
- Crowdfunding Scams: Common Schemes & How to Avoid Them
- What Is Public Key Infrastructure (PKI) & How Does It Work?
- What Is a Cryptographic Nonce? Definition & Meaning
- CISSP: Certified Information Systems Security Professional
- Social Engineering: How It Works, Examples & Prevention
- What Is a Botnet? Definition, How They Work & Defense
- Wired Equivalent Privacy (WEP): Definition & Risks
- What is MD5? Understanding Message-Digest Algorithms
Compliance
- SOC 1 Business Process Control Audits and Compliance
- Understanding the California Consumer Privacy Act (CCPA)
- SOC Reports Explained: Service Organization Control Necessity
- SOC 1 vs. SOC 2: Differences, Execution, and Legalities
- SOC 2 Type 2 for Service Organizations: Fairness and Trust
- GRC Tools Defined and The Best GRC Tools and Platforms for 2021
- Enhanced Due Diligence: Definition, Checks and Procedures
- Customer Identification Program (CIP): Definition & Guidelines
General Web
FAQ