Security Risks to Consider When Deploying Containers on Docker

Docker – a platform for OS-level virtualization instances known as containers – has become a hugely popular infrastructure technology. Flexible containerization is completely changing the way we build and maintain applications at scale, with analyst group RedMonk identifying the large enterprise market as a key driving force. Towards the end of April, Docker CEO Ben […]

The post Security Risks to Consider When Deploying Containers on Docker appeared first on The State of Security.

NIST finalizes radical update of digital ID guidelines

Federal scientists at the National Institute of Standards and Technology have finalized a major update to their guidelines on digital identity authentication, getting rid of outdated requirements like the regular changing of passwords and introducing standards for the use of biometrics and keysticks or other authenticating two-factor tokens. The final document, dubbed NIST Special Publication 800-63, is the third revision of the guidelines and the end product of a year-plus long process of public consultation, NIST Senior Standards and Technology Advisor Paul Grassi said in a blog post. More than 74,000 unique visitors looked at the drafts of the revised document on the agency’s website over the past year, he said, and there were more than 14000 comments submitted. “There is no way a document this comprehensive could have evolved without the direct input of stakeholders, who contributed consistently throughout the drafting process,” wrote Grassi, adding that this was the agency’s first […]

The post NIST finalizes radical update of digital ID guidelines appeared first on Cyberscoop.

Great post on the RNC AWS file leak discovery from UpGuard

UpGuard’s post on their discovery of the RNC data is trending big time on the netsec subreddit. I highly recommend going to read the post if you want to know what they found. But in a nutshell, it all centers around the misconfiguration of permissions to the AWS S3 bucket where the database was stored. …

Yin and Yang: Two Views on IAM – Active Directory Automation, Success or Failure?

By Steve Mowll and Chris Williams Point: Effective identity management strategies are business-based, and should rise above technical limitations. Steve Mowll, Identity Architect, RSA True point, but in order to have effective strategies, they must be directed towards a desired outcome. Let’s take a look at this idea using Active Directory (AD) projects as an…

The post Yin and Yang: Two Views on IAM – Active Directory Automation, Success or Failure? appeared first on Speaking of Security – The RSA Blog.

YIN AND YANG: TWO VIEWS ON IAM – NATURE OR NURTURE

By Steve Mowll and Chris Williams Question: When it comes to the complexities of identity management, is what we try to do in identity management the problem or is it just inherently hard? Point: We might be making it harder than it needs to be. Setting complex requirements may affect long-term suitability and success. Chris…

The post YIN AND YANG: TWO VIEWS ON IAM – NATURE OR NURTURE appeared first on Speaking of Security – The RSA Blog.

Campaign Lessons Learned—Part 3: Authenticity, Authority and Access

From the cybersecurity professionals’ point of view, identity and access management (IAM) is really all a matter of authenticity, authorization and access permissions. Similarly, if the origin of a news item or blog or comment can be traced to a provably authoritative source, then it is more likely to be taken to be true than […]

Why privileged accounts are catnip to hackers.

By Bas de Graaf, Head of Product Management — Security Consulting, BT. Defending your privileged accounts should be high on your list of security priorities. Bas de Graaf explains why. The keystone to your security stance. If your network were an architectural arch, your privileged accounts would be the keystone. Once a hacker breaks them, […]