#IdentityManagement

Okta Warns Once Again of Credential-Stuffing Attacks

by

May 30, 2024 at 11:53AM Okta, an identity management service provider, is warning of credential-stuffing attacks against its Customer Identity Cloud’s cross-origin authentication feature. The company has provided guidance for mitigating the attacks and preventing them, including monitoring event logs for specific indicators and enabling breached password detection. Further defense measures include passwordless authentication, strong … Read more

Okta Warns of Credential Stuffing Attacks Targeting Cross-Origin Authentication

by

May 30, 2024 at 07:54AM Okta warns customers of credential stuffing attacks targeting its Customer Identity Cloud’s cross-origin authentication feature. The company advises reviewing logs for suspicious activity, rotating compromised passwords, and enrolling in passwordless authentication. Okta recommends strong password requirements, multi-factor authentication, and other security measures to mitigate the risks. Shares of Okta are … Read more

Okta Warns of Credential Stuffing Attacks Targeting Customer Identity Cloud

by

May 30, 2024 at 03:09AM Okta warns of credential stuffing susceptibility in Customer Identity Cloud, mentioning proactive communication with impacted customers. Users are advised to review tenant logs for unusual login events, rotate credentials, and restrict cross-origin authentication. Other mitigations include breached password detection, strong password enforcement, and passwordless, phishing-resistant authentication. The warning follows an … Read more

Trends at the 2024 RSA Startup Competition

by

May 22, 2024 at 01:03PM The RSA Conference 2024’s Innovation Sandbox highlighted emerging trends in AI security, deepfake detection, AI data security, and automation’s identity management. Reality Defender won for its deepfake detection capabilities, as startups showcased advanced AI security and detection technology. Startups are adapting to AI adversaries and data vulnerabilities, foreseeing reinvention of … Read more

CyberArk Picks Up Machine Identity Manager Venafi For $1.54B

by

May 20, 2024 at 05:09PM CyberArk will acquire Venafi for over $1.5 billion from Thoma Bravo to enhance its machine identity security. This move will enable CyberArk to address the increasing risk posed by machine identities in enterprise IoT environments and solidify its position as a market leader. The deal is expected to be completed … Read more

Token Security Launches Machine-Centric IAM Platform

by

May 9, 2024 at 08:50AM Token Security provides a “machine-first” identity security platform for managing identities in the cloud and microservices era, focusing on visibility and continuous threat exposure management. The platform integrates with major infrastructure platforms and identity providers, and has secured $7 million in seed funding. Founders Itamar Apelblat and Ido Shlomo have … Read more

Token Security Raises $7 Million Seed Funding for Machine-First Identity Security

by

May 8, 2024 at 03:33PM Token Security, based in Tel Aviv, has obtained $7 million in seed funding and aims to address the rising challenge of identity security, prioritizing machine identities over human ones. Conventional human-focused identity management is no longer sufficient, as the number of machine identities has surged, leading to increased vulnerability. Token’s … Read more

Anetac Targets Service Account Security

by

May 6, 2024 at 08:37AM Anetac addresses the challenge of monitoring, securing, and managing scattered service accounts, APIs, and access keys in modern applications. Their dynamic security and identity management platform aims to protect service accounts and prevent breaches by identifying and responding to incidents involving abused accounts. Anetac has raised $16 million in funding … Read more

Oasis Security Raises $35 Million to Tackle Non-Human Identity Management

by

May 1, 2024 at 02:58PM Identity management startup Oasis Security secured $35 million in a Series A extension round, totaling $75 million raised. The round, led by Accel, Cyberstarts, and Sequoia Capital, aims to help organizations manage Non-Human Identities (NHI) securely. Their software offers agentless connection, built-in analytics, severity scoring, and tailored remediation. The funding … Read more

5 Hard Truths About the State of Cloud Security 2024

by

April 23, 2024 at 05:07PM Cloud security has progressed but still has a long way to go, with breaches costing organizations heavily. John Kindervag, a zero trust security proponent, emphasizes that simply moving to the cloud doesn’t make organizations more secure. Meanwhile, native security controls are hard to manage, and identity alone won’t save the … Read more