As the head of security for DEF CON, I’ve seen a lot of articles (and a bit of scaremongering) around the threats at the event. While DEF CON is a technically hostile environment, I promise, it is not a dystopian wasteland. A little common sense goes a LONG way.
Here’s your basic guide for how to stay safe:
Don’t bring your work devices. Use…
When was the last time you heard about a data breach? It wouldn’t be surprising if you said “just recently” or “last week”. According to the IBM-sponsored 2017 Cost of a Data Breach Study by Ponemon, one out of four organizations will experience a breach. As companies move to the cloud, so does sensitive data. It’s now more important than ever to…
The ability to reset your password is an essential system requirement.
With so many online services available, it’s common to have multiple user accounts for the various apps and services you interact with every day. Security doctrine dictates that you need a different password for each account, and that you update each one regularly. With so many…
If you do a little research to try to define millennials by date or age range, you will find many competing definitions. Some measure this generational category from the mid-1970s to 2000, others state 1996 is the end date, and a few consider someone to be a millennial only if they were born after the mid-1980s. However, the one underlying…
Social login gives application users the ability to apply existing login information from their social media accounts to register and sign into third-party sites. But before we jump into the topic of whether social login is secure or not, let’s answer the question below.
Do users really want social login? (Spoiler alert: Yes!)
From a user’s point…
Trust is the cornerstone of any successful customer relationship and organizations now have more opportunities than ever to gain that trust. In today’s interconnected world, companies are constantly handling sensitive customer data—and how they use and secure that data plays a huge role in determining the trust customers place in them.
A breach…
Biometric authentication — using the unique biological characteristics of an individual to verify their identity — has been around since the dawn of humankind.
Think about it: humans use facial and voice recognition every day to identify each other. Signature recognition came about when the first contracts were originally created, and fingerprints…
In recent years, the threat of cyber attacks has grown steadily. Many large enterprises have suffered devastating attacks, despite having security resources in place. Why are so many falling prey to attacks? The answers are manifold, but one of the leading causes is the misuse and abuse of privileges, opening up an easy path for attackers to…
Several weeks ago a new critical vulnerability was discovered that affects many SAML implementations. This vulnerability was first reported by Kelby Ludwig of Duo Security and is particularly interesting to us (as a user management company) as it can be used to bypass authentication in a sinisterly simplistic way.
In this post, we’ll take an in…
Halloween has always been my favorite holiday. With plenty of candy, ghosts, monsters, scary movies and mystery in the air, it’s hard not to get excited.
Each year I try to cram as many scary movies into the month of October as possible in order to get myself into the Halloween spirit. It’s become a family tradition. Surprisingly, there’s only one…