Identity and Access Management
HashiCorp Acquires BluBracket to Extend Secrets Management Reach
HashiCorp this week acquired BluBracket to add a set of static secrets discovery tools to its portfolio ...
AWS Identity and Access Management (IAM) Roles and How to use Them
Amazon Web Services relies on the AWS IAM service to govern who is authenticated and authorized to use AWS resources. It plays a hugely significant role in AWS security–and so do its ...
FIDO/WebAuthn Passkeys is Inevitable: Get on the Train ¦ IBM CEO Hates WFH
Richi Jennings | | 2FA, Arvind Krishna, authentication, devsecops, FIDO, google, Hybrid Work environment, ibm, managing remote workers, MFA, multi-factor authentication, multifactor authentication, Passkeys, Remote work, The Long View, two factor, WebAuthn, WFH, work from home, working from homeIn this week’s #TheLongView: The Passkeys authentication standard gets a huge boost, and Arvind Krishna wants workers back in the office ...
Watching the Watchers: Solving the Problem of Meta-Permissions
The move to the cloud and microservices has introduced new challenges in managing permissions. Software has been broken down into small, independently-deployable microservices, each with its own unique set of permissions. These ...
OpenAI Hires 1,000 Low Wage Coders to Retrain Copilot ¦ Netflix Blocks Password Sharing
Richi Jennings | | ChatGPT, Codex, github, GitHub Copilot, gitops, microsoft, Netflix, open source, OpenAI, password policies, The Long ViewIn this week’s #TheLongView: ChatGPT darling OpenAI wants people to write code in English, and the unintended consequences of blocking shared accounts ...
Okta Makes No-Code Integration Tool for Identity Platform Available
Okta today made generally available an Actions Integration capability that makes it possible to integrate third-party tools without having to write any code. Shiven Ramji, chief product officer for Okta, said this ...
Why Backups and Compliance Go Hand-in-Hand
James Ciesielski | | backups, compliance, Cybersecurity, databackup, disaster recovery, hacks, soc2 complianceIt’s hard to run a business. Besides the numerous challenges you have to deal with daily, ensuring the security of your business and customer information is essential for operating smoothly. In order ...
Session Tokens Vs. JWTs: Choosing Your Session Management Solution
In the world of authentication today, session tokens and JSON Web Tokens (JWTs) are the two most popular ways to manage user sessions and maintain a user’s authentication state between calls. Impassioned ...
Why You Should Consolidate Your IAM
It’s not often you can get a win that makes your IT processes easier while simultaneously improving your cybersecurity. In fact, oftentimes making improvements in one area (for example, improving IT processes) ...
Dev Job Phisher Steals $540M | Patch OpenSSL NOW | Systemd Dev Joins Microsoft
Richi Jennings | | Be great in act as you have been in thought, Lennart Poettering, LinkedIn, microsoft, open source, OpenSSL, phishing, recruitment, systemd, The Long ViewIn this week’s The Long View: Spear-phishing causes $540 million loss, a high severity bug in OpenSSL might be “worse than Heartbleed,” and Lennart Poettering is now working for Microsoft ...
Stytch Launches New, Flexibility-First SDK
Passwordless solutions have been a trend for a while now, improving user experience (UX) while reducing exposure to common attack vectors. Now, Stytch’s new JavaScript SDK aims to make password-free authentication a ...
Lapsus$ Shames Okta/Sitel | Bitcoin Nukes Climate | EU DMA E2EE FAIL
Richi Jennings | | bitcoin, cryptocurrency, Digital Markets Act, encryption, Europe, LAPSUS$, Okta, Sitel, The Long View, Uneasy lies the head that wears the crownIn this week’s The Long View: Okta and Sitel under fire over Lapsus$ hack, Greenpeace and others call for bitcoin change, and Europe still hates encryption ...
