Identity and Access Management
Why You Should Consolidate Your IAM
It’s not often you can get a win that makes your IT processes easier while simultaneously improving your cybersecurity. In fact, oftentimes making improvements in one area (for example, improving IT processes) ...
Dev Job Phisher Steals $540M | Patch OpenSSL NOW | Systemd Dev Joins Microsoft
Richi Jennings | | Be great in act as you have been in thought, Lennart Poettering, LinkedIn, microsoft, open source, OpenSSL, phishing, recruitment, systemd, The Long ViewIn this week’s The Long View: Spear-phishing causes $540 million loss, a high severity bug in OpenSSL might be “worse than Heartbleed,” and Lennart Poettering is now working for Microsoft ...
Stytch Launches New, Flexibility-First SDK
Passwordless solutions have been a trend for a while now, improving user experience (UX) while reducing exposure to common attack vectors. Now, Stytch’s new JavaScript SDK aims to make password-free authentication a ...
Lapsus$ Shames Okta/Sitel | Bitcoin Nukes Climate | EU DMA E2EE FAIL
Richi Jennings | | bitcoin, cryptocurrency, Digital Markets Act, encryption, Europe, LAPSUS$, Okta, Sitel, The Long View, Uneasy lies the head that wears the crownIn this week’s The Long View: Okta and Sitel under fire over Lapsus$ hack, Greenpeace and others call for bitcoin change, and Europe still hates encryption ...
Apple Outage Outrage | Linux Random Redo | Okta Hacked (or Not)
Richi Jennings | | Akamai, Apple, authentication, DNS, Identity, insider threats, LAPSUS$, linux, NIST, Okta, outage, random number generator, The Long View, This above all—to thine own self be trueIn this week’s The Long View: Why Apple services were down, Linux gets a huge RNG overhaul, and we wonder if Okta was hacked again ...
Why the Built World Needs Standard APIs
Lately, new ESG initiatives have come front-and-center as companies seek to contextualize and limit their business's impact on the environment. This is especially true for the built world—a term that refers to ...
Infrastructure Access Management a Growing DevOps Priority
Nathan Eddy | | agile infrastructure, Cybersecurity, devsecops, identity and access management, least-privilegeOrganizations plan to address access management over the next 12 months, as the need to secure and streamline infrastructure-wide access controls serves as a prerequisite to other initiatives, like zero-trust. This was ...
Rails 7 FTW | WFH is SOP | 586M Passwords Dumped
Richi Jennings | | FBI, Have I Been Pwned, National Crime Agency, password security, remote working, Ruby on Rails, The Long View, WFH, work from homeIn this week’s The Long View: Ruby on Rails 7.0 is go, working from home is still de rigueur, and HIBP gets far, far bigger ...
DevOps Teams Struggling to Keep Secrets
A growing number of organizations are suffering security incidents related to exposed secrets in DevOps CI/CD pipelines, according to a recent ThycoticCentrify report. The study paints a troubling picture: Only 5% of ...
Authentication in Serverless Apps—What Are the Options?
Serverless applications are growing in popularity among DevOps engineers. They provide a convenient, predictable way to run simple processes like CI/CD builds or automation scripts with no need to stand up infrastructure ...
Enterprise Blockchain Adoption Hinges on DevOps
There is a lot of excitement around blockchain right now, for a good reason. Production use cases continue to emerge across sectors such as manufacturing, energy, air travel, insurance and finance. Gartner ...
Popular iOS Apps Request Excessive User Data Permissions
Bill Doerrfeld | | application architecture, data protection, end user experience, end user monitoringMost apps require some sort of user data to function properly. Google Maps needs location data to offer routing services. Twitter needs photo library access to upload a photo, and so on ...
