handmade.social

WorteksLes mots de passe sont-ils morts ? Quelle est la différence entre gestion des identités et gestion des accès ? C'est quoi le 2FA, le MFA, le PasswordLess ?🎙️ Les réponses à ces questions et bien plus, dans le nouvel épisode du podcast "Tout est sous CTRL" par Centreon !🎧 Écoutez l'épisode maintenant sur votre plateforme préférée : <a href="https://open.spotify.com/show/24LgLR47tKMx1zN0Fg2bub" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://open.spotify.com/show/24LgLR47tKMx1zN0Fg2bub</a> <a href="https://www.deezer.com/fr/show/1001329601" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.deezer.com/fr/show/1001329601</a> <a href="https://podcasts.apple.com/us/podcast/tout-est-sous-ctrl/id1784998561" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://podcasts.apple.com/us/podcast/tout-est-sous-ctrl/id1784998561</a> <a href="https://antennapod.org/deeplink/subscribe/?url=%68%74%74ps%3A%2F%2Fanchor.fm%2Fs%2Ffc0eaedc%2Fpodcast%2Frss&title=Tout+est+sous+CTRL" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://antennapod.org/deeplink/subscribe/?url=%68%74%74ps%3A%2F%2Fanchor.fm%2Fs%2Ffc0eaedc%2Fpodcast%2Frss&title=Tout+est+sous+CTRL</a> <a href="https://www.youtube.com/watch?v=lBR8vA8NIuE" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.youtube.com/watch?v=lBR8vA8NIuE</a><a href="https://mastodon.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a> <a href="https://mastodon.social/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IAM</a> <a href="https://mastodon.social/tags/2FA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#2FA</a> <a href="https://mastodon.social/tags/MFA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MFA</a> <a href="https://mastodon.social/tags/IGA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IGA</a> <a href="https://mastodon.social/tags/LDAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LDAP</a> <a href="https://mastodon.social/tags/SSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSO</a>

Paul Sanders 😎Fancy some typical <a href="https://infosec.exchange/tags/linkedin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linkedin</a> posts about <a href="https://infosec.exchange/tags/Yobah" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Yobah</a>? It’ll be written to fit into the algorithm, but you might find some cool info or news. Most of my upcoming <a href="https://infosec.exchange/tags/blog" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#blog</a> posts on <a href="https://infosec.exchange/tags/iam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iam</a>, <a href="https://infosec.exchange/tags/zerotrust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#zerotrust</a> and <a href="https://infosec.exchange/tags/entraID" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#entraID</a> will be posted here first.Would love it if you could drop us a follow :)<a href="https://www.linkedin.com/company/the-yobah-network/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.linkedin.com/company/the-yobah-network/</a>

Paul Sanders 😎If you want to know more about <a href="https://infosec.exchange/tags/yobah" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#yobah</a>, then why not visit the website at <a href="https://yobah.co.uk" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://yobah.co.uk</a>? <a href="https://infosec.exchange/tags/introduction" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#introduction</a> <a href="https://infosec.exchange/tags/strategy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#strategy</a> <a href="https://infosec.exchange/tags/architect" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#architect</a> <a href="https://infosec.exchange/tags/iam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iam</a> <a href="https://infosec.exchange/tags/zerotrust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#zerotrust</a> <a href="https://infosec.exchange/tags/infrastructure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infrastructure</a> <a href="https://infosec.exchange/tags/sccm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sccm</a> <a href="https://infosec.exchange/tags/manchester" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#manchester</a> <a href="https://infosec.exchange/tags/uk" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#uk</a> <a href="https://infosec.exchange/tags/Yobah" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Yobah</a> <a href="https://infosec.exchange/tags/consultancy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#consultancy</a>

Paul Sanders 😎Think it’s time to update my <a href="https://infosec.exchange/tags/introduction" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#introduction</a> post. Hi! I’m a <a href="https://infosec.exchange/tags/strategy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#strategy</a> <a href="https://infosec.exchange/tags/architect" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#architect</a> by trade, focusing mostly on <a href="https://infosec.exchange/tags/iam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iam</a> and <a href="https://infosec.exchange/tags/zerotrust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#zerotrust</a> - albeit a long history in <a href="https://infosec.exchange/tags/infrastructure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infrastructure</a> architecture. Cut my teeth as it were during the virtualisation revolution (I feel older than that 😂) Prior to that, I did desktop builds using Norton ghost and then <a href="https://infosec.exchange/tags/sccm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sccm</a>.I live in <a href="https://infosec.exchange/tags/manchester" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#manchester</a>, <a href="https://infosec.exchange/tags/uk" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#uk</a> and started <a href="https://infosec.exchange/tags/Yobah" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Yobah</a> - a boutique <a href="https://infosec.exchange/tags/consultancy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#consultancy</a> working on strategy transformation.Feel free to reach out and say hi!

LDAP Tool Box ProjectLTB packages for OpenLDAP 2.5.19 and 2.6.9 are available!These packages provide the new versions released by the OpenLDAP core team and some add-ons from the LDAP Tool Box projectMore information on <a href="https://projects.ow2.org/view/ldaptoolbox/ltb-openldap-2-5-19-and-2-6-9-packages-released/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://projects.ow2.org/view/ldaptoolbox/ltb-openldap-2-5-19-and-2-6-9-packages-released/</a><a href="https://floss.social/tags/LDAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#LDAP</a> <a href="https://floss.social/tags/OpenLDAP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenLDAP</a> <a href="https://floss.social/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IAM</a> <a href="https://floss.social/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a> <a href="https://floss.social/tags/FreeSoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FreeSoftware</a>

Jack Poller<a href="https://siliconangle.com/2024/11/20/ai-meets-cybersecurity-twine-launches-12m-funding-digital-cyber-employees/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://siliconangle.com/2024/11/20/ai-meets-cybersecurity-twine-launches-12m-funding-digital-cyber-employees/</a><a href="https://infosec.exchange/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AI</a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://infosec.exchange/tags/IdentityManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IdentityManagement</a> <a href="https://infosec.exchange/tags/Automation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Automation</a> <a href="https://infosec.exchange/tags/TechInnovation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TechInnovation</a> <a href="https://infosec.exchange/tags/AIinCyber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AIinCyber</a> <a href="https://infosec.exchange/tags/DigitalTransformation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DigitalTransformation</a> <a href="https://infosec.exchange/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IAM</a> <a href="https://infosec.exchange/tags/IdentitySecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IdentitySecurity</a> <a href="https://infosec.exchange/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://infosec.exchange/tags/Funding" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Funding</a> 5/5

Jack Poller<a href="https://venturebeat.com/security/zitadel-targets-developers-with-open-source-identity-management-platform/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://venturebeat.com/security/zitadel-targets-developers-with-open-source-identity-management-platform/</a><a href="https://infosec.exchange/tags/IdentityManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IdentityManagement</a> <a href="https://infosec.exchange/tags/CIAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CIAM</a> <a href="https://infosec.exchange/tags/CustomerIdentityManagement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CustomerIdentityManagement</a> <a href="https://infosec.exchange/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSource</a> <a href="https://infosec.exchange/tags/PasswordlessAuthentication" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PasswordlessAuthentication</a> <a href="https://infosec.exchange/tags/DeveloperTools" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DeveloperTools</a> <a href="https://infosec.exchange/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IAM</a> <a href="https://infosec.exchange/tags/CloudNative" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CloudNative</a> <a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://infosec.exchange/tags/Innovation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Innovation</a> <a href="https://infosec.exchange/tags/Funding" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Funding</a> 5/5

yawnbox :rebel:I've written a new blog post (9000 words) taking a moderately deep dive into "Threat Modeling YubiKeys and Passkeys"<a href="https://yawnbox.is/blog/threat-modeling-yubikeys-and-passkeys/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://yawnbox.is/blog/threat-modeling-yubikeys-and-passkeys/</a>I greatly welcome feedback as I want to make sure I'm not misrepresenting anything. I want to make it better if it can be improved. I'm happy to be wrong, just please provide details and links!also, i need a job! if you like my work, maybe you know of something where i'd be a good fit.<a href="https://disobey.net/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://disobey.net/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://disobey.net/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IAM</a> <a href="https://disobey.net/tags/FIDO2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FIDO2</a> <a href="https://disobey.net/tags/WebAuthn" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WebAuthn</a> <a href="https://disobey.net/tags/YubiKey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#YubiKey</a> <a href="https://disobey.net/tags/YubiKeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#YubiKeys</a> <a href="https://disobey.net/tags/passkey" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#passkey</a> <a href="https://disobey.net/tags/passkeys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#passkeys</a> <a href="https://disobey.net/tags/GetFediHired" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GetFediHired</a>

Tedi HeriyantoStarter guide to understanding Okta: <a href="https://www.elastic.co/security-labs/starter-guide-to-understanding-okta" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.elastic.co/security-labs/starter-guide-to-understanding-okta</a><a href="https://infosec.exchange/tags/okta" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#okta</a> <a href="https://infosec.exchange/tags/iam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iam</a>

HN SecurityOur security researchers @cod_rse@twitter.com and <a href="https://infosec.exchange/@inode" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@inode</a> conducted a security assessment on <a href="https://infosec.exchange/tags/Keycloak" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Keycloak</a>, identifying significant vulnerabilities impacting this open-source <a href="https://infosec.exchange/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IAM</a> solution.Read the full article at <a href="https://security.humanativaspa.it/an-analysis-of-the-keycloak-authentication-system" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://security.humanativaspa.it/an-analysis-of-the-keycloak-authentication-system</a>

securityaffairsThird-Party Identities: The Weakest Link in Your Cybersecurity <a href="https://infosec.exchange/tags/Supply" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Supply</a> <a href="https://infosec.exchange/tags/Chain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Chain</a> <a href="https://securityaffairs.com/170324/security/third-party-identities-cybersecurity-supply-chain.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://securityaffairs.com/170324/security/third-party-identities-cybersecurity-supply-chain.html</a> <a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securityaffairs</a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a> <a href="https://infosec.exchange/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IAM</a>

Guardians Of Cyber💡 Did you know that 67% of organizations are already adopting the Principle of Least Privilege (PoLP) to minimize security risks? 💡Limiting user permissions is one of the simplest, yet most powerful ways to protect sensitive data from threats—both internal and external.How do you handle permissions in your organization? Do you apply least privilege principles?Learn more about how PoLP can strengthen your security here: <a href="https://guardiansofcyber.com/learning-hub/least-permissions-model/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://guardiansofcyber.com/learning-hub/least-permissions-model/</a><a href="https://infosec.exchange/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://infosec.exchange/tags/GuardiansOfCyber" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#GuardiansOfCyber</a> <a href="https://infosec.exchange/tags/DataProtection" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DataProtection</a> <a href="https://infosec.exchange/tags/ZeroTrust" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ZeroTrust</a> <a href="https://infosec.exchange/tags/PoLP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PoLP</a> <a href="https://infosec.exchange/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IAM</a> <a href="https://infosec.exchange/tags/PAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PAM</a> <a href="https://infosec.exchange/tags/SecurityBestPractices" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecurityBestPractices</a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://infosec.exchange/tags/Guardians" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Guardians</a> <a href="https://infosec.exchange/tags/TechTips" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TechTips</a>

GÉANTThe <a href="https://mstdn.social/tags/TNC25" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TNC25</a> Call for Proposals for single presentations and side meetings is now open!Whether you’re a long-standing member of the community, or have just joined the <a href="https://mstdn.social/tags/research" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#research</a> and <a href="https://mstdn.social/tags/education" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#education</a> world and are working on a cool project, TNC25 invites you to submit your proposals!➡️ Check guidelines & apply before 28 Nov: <a href="https://tnc25.geant.org/submit" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://tnc25.geant.org/submit</a><a href="https://mstdn.social/tags/NRENs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NRENs</a> <a href="https://mstdn.social/tags/HigherEducation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HigherEducation</a> <a href="https://mstdn.social/tags/HigherEd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HigherEd</a> <a href="https://mstdn.social/tags/Networking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Networking</a> <a href="https://mstdn.social/tags/Network" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Network</a> <a href="https://mstdn.social/tags/connectivity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#connectivity</a> <a href="https://mstdn.social/tags/cloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cloud</a> <a href="https://mstdn.social/tags/TrustAndIdentity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TrustAndIdentity</a> <a href="https://mstdn.social/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IAM</a> <a href="https://mstdn.social/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://mstdn.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://mstdn.social/tags/OpenScience" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenScience</a> <a href="https://mstdn.social/tags/HPC" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HPC</a> <a href="https://mstdn.social/tags/Quantum" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Quantum</a> <a href="https://mstdn.social/tags/AI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AI</a>

yawnbox :rebel:<a href="https://disobey.net/tags/WindowsHello" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#WindowsHello</a> will soon offer users an option to sync their passkeys to their Microsoft account making them no longer device-boundagain, this changes the threat model for enterprises, if they care about such details. a device-bound passkey means the private key material exists no where else in the world. Cloud syncing of private keys is basically the same for TOTP private seeds -- those cloud providers, while encrypting the data at rest, do in fact have clear-text access to those secrets -- making them targets of social engineers, law enforcement, nation states and other hackers.(only an end-to-end encryption cloud storage solution like Apple's Advanced Data Protection would protect synced passkeys)HT <a href="https://social.tchncs.de/@jesterchen" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@jesterchen</a> <a href="https://blogs.windows.com/windowsdeveloper/2024/10/08/passkeys-on-windows-authenticate-seamlessly-with-passkey-providers/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://blogs.windows.com/windowsdeveloper/2024/10/08/passkeys-on-windows-authenticate-seamlessly-with-passkey-providers/</a><a href="https://disobey.net/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://disobey.net/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IAM</a> <a href="https://disobey.net/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a>

LeeRaylIn my 18 years of IAM work the biggest mistake I see is rushing to secure 1 thing not all the things.“We need SAML for AWS for <insert governance here>”That is the wrong way to start any new or rebuilding of a IAM program or project.The complexity of IAM is worth the time to plan. Example: defining the source of truth, ensuring the integrity and confidentiality is critical, roles and entitlements are needed, an IdP needs to be established and tested, source of truth matches the directory, syncing the directory and IdP, implementation of authentication of the users with the IdP and MFA/ZTA configured.All that is really important and barely enough to illustrate my point of the amount of work for that one app requires Picasso like experience with a Michelangelo touch <a href="https://infosec.exchange/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IAM</a> <a href="https://infosec.exchange/tags/SSO" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSO</a> <a href="https://infosec.exchange/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a>

AWS-CloudSec.com📣 Issue 64 is out. Highlights:- Amazon Inspector enhances engine for Lambda standard scanning. - AWS Serverless Application Repository now supports AWS PrivateLink. - AWS CloudTrail launches network activity events for VPC endpoints (preview). - AWS announces Security Group Referencing on AWS Transit Gateway. - Amazon Aurora MySQL now supports RDS Data API. - PostgreSQL 17.0 is now available in Amazon RDS Database preview environment. - Chatbot management policy introduced in AWS Organizations. - Amazon SES adds HTTPS open tracking for custom domains. - Amazon Redshift announces mTLS support for Amazon MSK. - Storm-0501: Ransomware attacks expanding to hybrid cloud environments. - Your AWS EC2 Has Been Hacked. What Will Happen Now? by Sena Yakut - Threat brief-Unraveling SloppyLemming’s operations across South Asia.<a href="https://infosec.exchange/tags/aws" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#aws</a> <a href="https://infosec.exchange/tags/iam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iam</a> <a href="https://infosec.exchange/tags/threat" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#threat</a> <a href="https://infosec.exchange/tags/cloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cloud</a> <a href="https://infosec.exchange/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a><a href="https://aws-cloudsec.com/p/issue-64" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://aws-cloudsec.com/p/issue-64</a>

Bob Young"What was the name of your first pet?" NIST SP 800-63B latest authentication guidelines and requirements. Highly technical, and very long. Nevertheless, if you're in cybersecurity and involved with authentication, you should read it.The screenshot is from the most recent version I'm aware of, dated 28 August 2024.<a href="https://infosec.exchange/tags/CallMeIfYouNeedMe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CallMeIfYouNeedMe</a> <a href="https://infosec.exchange/tags/FIFONetworks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#FIFONetworks</a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://infosec.exchange/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IAM</a> <a href="https://infosec.exchange/tags/NIST" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NIST</a><a href="https://pages.nist.gov/800-63-4/sp800-63b.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://pages.nist.gov/800-63-4/sp800-63b.html</a>

Identity at the CenterJoin us on the latest episode of the Identity at the Center podcast as we explore the critical components of a successful IAM program. We break down the key elements required to build a solid foundation for your IAM program and set you up for success. Watch at <a href="https://www.youtube.com/watch?v=5-kRe187AG0" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.youtube.com/watch?v=5-kRe187AG0</a> or listen in your podcast app.<a href="https://infosec.exchange/tags/iam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#iam</a> <a href="https://infosec.exchange/tags/podcast" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#podcast</a> <a href="https://infosec.exchange/tags/idac" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#idac</a>

Paul Sanders 😎Identity and Access management (<a href="https://infosec.exchange/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IAM</a>) is such a critical component to any <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> / <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> architecture. Never mind the business improvements and benefits that can come from managing users and access. So, I’ve decided to offer a free discovery call to run through where you are with identity, what issues you face and what the art of the possible it. At the end of it - I’ll even drop you a report with everything we discussed and some extra recommendations on what else can be done. Feel free to book some time with me below:<a href="https://content.yobah.co.uk/how-does-your-identity-strategy-stack-up" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://content.yobah.co.uk/how-does-your-identity-strategy-stack-up</a>

GÉANT🌊 🎡 TNC is setting sail for <a href="https://mstdn.social/tags/Brighton" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Brighton</a>!We are excited to announce that <a href="https://mstdn.social/tags/TNC25" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TNC25</a> will take place from 9 to 13 June 2025 in Brighton, UK - Hosted by Jisc!👉 <a href="https://tnc25.geant.org" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://tnc25.geant.org</a>TNC is the largest and most prestigious <a href="https://mstdn.social/tags/research" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#research</a> & <a href="https://mstdn.social/tags/education" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#education</a> <a href="https://mstdn.social/tags/networking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#networking</a> conference, attracting a diverse audience of >800 participants from >70 countries.<a href="https://mstdn.social/tags/NRENs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NRENs</a> <a href="https://mstdn.social/tags/Innovation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Innovation</a> <a href="https://mstdn.social/tags/science" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#science</a> <a href="https://mstdn.social/tags/Network" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Network</a> <a href="https://mstdn.social/tags/Europe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Europe</a> <a href="https://mstdn.social/tags/eInfrastructure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#eInfrastructure</a> <a href="https://mstdn.social/tags/eduroam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#eduroam</a> <a href="https://mstdn.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://mstdn.social/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://mstdn.social/tags/cloud" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cloud</a> <a href="https://mstdn.social/tags/trustandidentity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#trustandidentity</a> <a href="https://mstdn.social/tags/IAM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#IAM</a> <a href="https://mstdn.social/tags/tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tech</a> <a href="https://mstdn.social/tags/openscience" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#openscience</a>

Recent searches

Search options

Administered by:

Server stats:

#iam