Identity and Access Management
Watching the Watchers: Solving the Problem of Meta-Permissions
The move to the cloud and microservices has introduced new challenges in managing permissions. Software has been broken down into small, independently-deployable microservices, each with its own unique set of permissions. These ...
OpenAI Hires 1,000 Low Wage Coders to Retrain Copilot ¦ Netflix Blocks Password Sharing
Richi Jennings | | ChatGPT, Codex, github, GitHub Copilot, gitops, microsoft, Netflix, open source, OpenAI, password policies, The Long ViewIn this week’s #TheLongView: ChatGPT darling OpenAI wants people to write code in English, and the unintended consequences of blocking shared accounts ...
Okta Makes No-Code Integration Tool for Identity Platform Available
Okta today made generally available an Actions Integration capability that makes it possible to integrate third-party tools without having to write any code. Shiven Ramji, chief product officer for Okta, said this ...
Why Backups and Compliance Go Hand-in-Hand
James Ciesielski | | backups, compliance, Cybersecurity, databackup, disaster recovery, hacks, soc2 complianceIt’s hard to run a business. Besides the numerous challenges you have to deal with daily, ensuring the security of your business and customer information is essential for operating smoothly. In order ...
Session Tokens Vs. JWTs: Choosing Your Session Management Solution
In the world of authentication today, session tokens and JSON Web Tokens (JWTs) are the two most popular ways to manage user sessions and maintain a user’s authentication state between calls. Impassioned ...
Why You Should Consolidate Your IAM
It’s not often you can get a win that makes your IT processes easier while simultaneously improving your cybersecurity. In fact, oftentimes making improvements in one area (for example, improving IT processes) ...
Dev Job Phisher Steals $540M | Patch OpenSSL NOW | Systemd Dev Joins Microsoft
Richi Jennings | | Be great in act as you have been in thought, Lennart Poettering, LinkedIn, microsoft, open source, OpenSSL, phishing, recruitment, systemd, The Long ViewIn this week’s The Long View: Spear-phishing causes $540 million loss, a high severity bug in OpenSSL might be “worse than Heartbleed,” and Lennart Poettering is now working for Microsoft ...
Stytch Launches New, Flexibility-First SDK
Passwordless solutions have been a trend for a while now, improving user experience (UX) while reducing exposure to common attack vectors. Now, Stytch’s new JavaScript SDK aims to make password-free authentication a ...
Lapsus$ Shames Okta/Sitel | Bitcoin Nukes Climate | EU DMA E2EE FAIL
Richi Jennings | | bitcoin, cryptocurrency, Digital Markets Act, encryption, Europe, LAPSUS$, Okta, Sitel, The Long View, Uneasy lies the head that wears the crownIn this week’s The Long View: Okta and Sitel under fire over Lapsus$ hack, Greenpeace and others call for bitcoin change, and Europe still hates encryption ...
Apple Outage Outrage | Linux Random Redo | Okta Hacked (or Not)
Richi Jennings | | Akamai, Apple, authentication, DNS, Identity, insider threats, LAPSUS$, linux, NIST, Okta, outage, random number generator, The Long View, This above all—to thine own self be trueIn this week’s The Long View: Why Apple services were down, Linux gets a huge RNG overhaul, and we wonder if Okta was hacked again ...
Why the Built World Needs Standard APIs
Lately, new ESG initiatives have come front-and-center as companies seek to contextualize and limit their business's impact on the environment. This is especially true for the built world—a term that refers to ...
Infrastructure Access Management a Growing DevOps Priority
Nathan Eddy | | agile infrastructure, Cybersecurity, devsecops, identity and access management, least-privilegeOrganizations plan to address access management over the next 12 months, as the need to secure and streamline infrastructure-wide access controls serves as a prerequisite to other initiatives, like zero-trust. This was ...
