Latest from todayopinionMicrosoft pushes a lot of products on users, but here’s one cybersecurity can embraceThe Entra ID P2 license is just one among many products and services that Microsoft is making mandatory for users, but its identity access management features make it a big overall security plus.By Susan Bradley05 Mar 20256 minsAccess ControlData and Information SecurityWindows Security news Misconfigured access management systems expose global enterprises to security risksBy Gyana Swain04 Mar 20254 minsAccess ControlIdentity and Access ManagementSecurityfeature What is zero trust? The security model for a distributed and risky eraBy Josh Fruhlinger28 Feb 202510 minsAccess ControlIdentity and Access ManagementZero Trust how-toHow to configure OAuth in Microsoft 365 Defender and keep your cloud secureBy Susan Bradley 27 Feb 20257 minsAccess ControlCloud SecurityWindows Security featureUnderstanding OWASP’s Top 10 list of non-human identity critical risksBy Chris Hughes 20 Feb 202513 minsData and Information SecurityIdentity and Access ManagementRisk Management featureCISOs’ top 12 cybersecurity priorities for 2025By Mary K. Pratt 27 Jan 20259 minsCloud SecurityComplianceIT Strategy feature12 cybersecurity resolutions for 2025By Aimee Chanthadavong 06 Jan 20259 minsIdentity and Access ManagementSupply Chain newsAt Ignite, Microsoft looks to genAI, exposure managment, and new bug bounties to secure enterprise IT By Shweta Sharma 19 Nov 20244 minsGenerative AIIdentity and Access ManagementSecurity newsNew Fido standard for passkeys will make it easier to change servicesBy Mikael Markander 16 Oct 20241 minIdentity and Access ManagementPasswordsSecurity ArticlesnewsOkta’s new security standard to be adopted by Google, MicrosoftThe new, open-source identity security standard will be adopted by OpenID foundation members including Microsoft, Google, Ping identity and Beyond identity. By Shweta Sharma 16 Oct 2024 3 minsIdentity and Access ManagementSecurityopinionBeware the risks of vulnerable VPNs: update, maintain, monitor, and protectVirtual private networks need special attention to ensure that they’re not a point of entry for attackers that goes far beyond just regular updating and patching. By Susan Bradley 26 Sep 2024 7 minsIdentity and Access ManagementNetwork SecurityThreat and Vulnerability Managementnews analysisLLMjacking: How attackers use stolen AWS credentials to enable LLMs and rack up costs for victimsUsers of AI cloud services such as Amazon Bedrock are increasingly being targeted by attackers who abuse stolen credentials in a new attack dubbed LLMjacking.By Lucian Constantin 20 Sep 2024 5 minsCloud SecurityHackingIdentity and Access ManagementnewsOracle adds Zero Trust Packet Routing capability to its cloud platformAn analyst says it could allow CISOs to better enforce security policies by decoupling security policies from the complexities of network configurations.By Howard Solomon 12 Sep 2024 6 minsCloud SecurityIdentity and Access ManagementZero TrustnewsApache OFBiz patches new critical remote code execution flawThe vulnerability represents a bypass of fixes put in place this year for three critical RCE flaws that had the same root cause and have since been used in attacks.By Lucian Constantin 09 Sep 2024 5 minsIdentity and Access ManagementVulnerabilitiesnewsWordPress users not on Windows urged to update due to critical LiteSpeed Cache flawUpdating to version 6.4 or higher will prevent exploitation of the vulnerability that allows attacker to gain admin access.By Lynn Greiner 23 Aug 2024 3 minsIdentity and Access ManagementThreat and Vulnerability ManagementVulnerabilitieshow-to3 key strategies for mitigating non-human identity risksFor every 1,000 human users, most networks have around 10,000 NHIs, and that can be a huge task to manage. Here are 3 fundamental areas to focus on when securing NHIs. By Chris Hughes 22 Aug 2024 6 minsData and Information SecurityIdentity and Access ManagementRisk ManagementnewsDashlane study reveals massive spike in passkey adoptionOne in five users has at least one passkey stored, but a security consultant issues a reality check, saying in a sense ‘they are still passwords.’ By Paul Barker 31 Jul 2024 5 minsIdentity and Access ManagementSecurityfeatureNHIs may be your biggest — and most neglected — security holeBecause IT has so little visibility into non-human identities, attackers are increasingly seeking them out as ultra-easy onramps to everything of value in your enterprise. The solution? Stop treating NHIs as though they are another human end-user.By Evan Schuman 23 Jul 2024 9 minsApplication SecurityIdentity and Access ManagementNetwork SecurityopinionReduce security risk with 3 edge-securing stepsNot sure where you should start to approach risk reduction in your network? If you aren’t aware of any and all risks to your edge access, you’re not reducing risk. By Susan Bradley 01 Jul 2024 6 minsIdentity and Access ManagementRisk ManagementnewsMicrosoft-owned vendor blamed for massive healthcare breachGeisinger said a former Nuance Communications employee with improper access to official records stole critical patient information.By Shweta Sharma 26 Jun 2024 3 minsData BreachIdentity and Access ManagementfeatureWhat are non-human identities and why do they matter?When digital systems need access and permissions they require credentials just like human beings. These non-human identities allow many components of complex systems to work together but present significant security issues.By Chris Hughes 03 Jun 2024 8 minsAPIsAccess ControlIdentity and Access Management Show more Show less View all Resources whitepaper Unlock Data Value: A Proven Framework To Implement Data Products This webinar explains critical data product concepts and guides your organization to effectively implement a data-products strategy and data-streaming platform that unifies your operational and analytical data for any use case. The post Unlock Data Value: A Proven Framework To Implement Data Products appeared first on Whitepaper Repository –. By CONFLUENT 24 Feb 2025Business OperationsData ArchitectureDigital Transformation View all Explore a topic Application Security Business Continuity Business Operations Careers Cloud Security Compliance Critical Infrastructure Cybercrime Industry IT Leadership Network Security Physical Security Privacy Risk Management View all topics Show me morePopularArticlesPodcastsVideos news Linux, macOS users infected with malware posing as legitimate Go packages By Shweta Sharma 07 Mar 20253 mins MalwareSecurity feature 8 obstacles women still face when seeking a leadership role in IT By Christina Wood 07 Mar 20258 mins CareersIT Leadership feature What is risk management? Quantifying and mitigating uncertainty By Josh Fruhlinger 07 Mar 202510 mins IT Governance FrameworksIT LeadershipRisk Management podcast CSO Executive Sessions: How cybersecurity impacts company ratings – A fey factor for investors and consumers 12 Feb 202527 mins Security podcast CSO Executive Sessions: Guardians of the Games – How to keep the Olympics and other major events cyber safe 07 Aug 202417 mins CSO and CISO podcast CSO Executive Session India with Dr Susil Kumar Meher, Head Health IT, AIIMS (New Delhi) 17 Jul 202417 mins CSO and CISO video CSO Executive Sessions: How cybersecurity impacts company ratings – A fey factor for investors and consumers 12 Feb 202527 mins Security video CSO Executive Sessions: How should software solution providers keep themselves and their enterprise clients safe? 26 Jan 202518 mins Security video CSO Executive Sessions: Open Source Institute’s Eric Nguyen on supply chain risks to critical infrastructure (Part 2) 14 Nov 202415 mins Critical InfrastructureIT GovernanceSupply Chain