Tag: guide
-
NDSS 2025 PBP: Post-Training Backdoor Purification For Malware Classifiers
Session 12B: Malware
Authors, Creators & Presenters: Dung Thuy Nguyen (Vanderbilt University), Ngoc N. Tran (Vanderbilt University), Taylor T. Johnson (Vanderbilt University), Kevin Leach (Vanderbilt University)
PAPER: PBP: Post-Training Backdoor Purification for Malware Classifiers
In recent years, the rise of machine learning (ML) in cybersecurity has brought new challenges, including the increasing threat of backdoor…
-
Guide to Setting Up OpenID Connect for Enterprises
Learn how to implement OpenID Connect (OIDC) for enterprise SSO. Technical guide for engineering leaders on identity providers, scopes, and secure integration. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/guide-to-setting-up-openid-connect-for-enterprises/
-
Is SSO the Same as SAML?
Confused about SSO vs SAML? Learn the difference between the authentication process and the XML-based protocol. Essential guide for engineering leaders and CTOs. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/is-sso-the-same-as-saml/
-
Navigating MiCA: A Practical Compliance Guide for European CASPs
MiCA creates a single EU crypto rulebook, replacing national regimes with unified licensing, capital, and compliance rules for all CASPs. First seen on hackread.com Jump to article: hackread.com/navigating-mica-compliance-guide-european-casps/
-
The Buyer’s Guide to AI Usage Control
Today’s “AI everywhere” reality is woven into everyday workflows across the enterprise, embedded in SaaS platforms, browsers, copilots, extensions, and a rapidly expanding universe of shadow tools that appear faster than security teams can track. Yet most organizations still rely on legacy controls that operate far away from where AI interactions actually occur. The result…
-
SAML Development Guide
Tags: guide
A comprehensive SAML development guide for engineering leaders. Learn about assertions, metadata, and securing single sign-on for enterprise CIAM. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/saml-development-guide/
-
User-Managed Access (UMA) 2.0 Comprehensive Guide
Deep dive into UMA 2.0 for enterprise SSO and CIAM. Learn about the protection API, RPT tokens, and how to implement party-to-party sharing in your IAM stack. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/user-managed-access-uma-2-0-comprehensive-guide/
-
Chinese Money Laundering Jargon via Google’s Gemini
After having a short discussion with Gemini about Chinese Money Laundering, I could tell we weren’t quite connecting on my Mandarin-assistance requests, so I shared an example post from a Telegram “Crime-as-a-Service” group that was part of a Chinese Guarantee Syndicate. For context, these posts were made in the Tudou Guarantee Syndicate’s group dedicated to…
-
Enabling and Securing Basic Authentication: A Comprehensive Guide
Learn how to enable and secure basic authentication for enterprise systems. Guide covers TLS encryption, credential hygiene, and SSO migration for CTOs. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/enabling-and-securing-basic-authentication-a-comprehensive-guide/
-
The Ultimate Guide to Single Sign-On in 2025
Master Enterprise SSO in 2025. Learn about SAML, OIDC, and CIAM strategies for CTOs and VPs of Engineering to secure B2B platforms and prevent data breaches. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/the-ultimate-guide-to-single-sign-on-in-2025/
-
Is Data Center Colocation Secure? What CIOs and CISOs Need to Know
Learn how secure data center colocation really is. A practical guide for CIOs and CISOs covering physical security, compliance, risk, and governance. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/is-data-center-colocation-secure-what-cios-and-cisos-need-to-know/
-
Best E-Signature Solutions For Secure Digital Signing In 2026
As digital transactions become the backbone of modern business, secure electronic signatures are no longer optional. In 2026, organizations face increasing risks related to document fraud, identity theft, and regulatory violations. Choosing the right e-signature solution is now a cybersecurity decision, not just a productivity upgrade. This guide covers the best e-signature solutions for cybersecurity,…
-
NDSS 2025 PropertyGPT
Tags: blockchain, bug-bounty, conference, crypto, guide, Internet, LLM, network, oracle, strategy, tool, vulnerability, zero-day
Session 11A: Blockchain Security 2
Authors, Creators & Presenters: Ye Liu (Singapore Management University), Yue Xue (MetaTrust Labs), Daoyuan Wu (The Hong Kong University of Science and Technology), Yuqiang Sun (Nanyang Technological University), Yi Li (Nanyang Technological University), Miaolei Shi (MetaTrust Labs), Yang Liu (Nanyang Technological University)
PAPER: PropertyGPT: LLM-driven Formal Verification of Smart Contracts…
-
The Complete Guide to Authentication Implementation for Modern Applications
A comprehensive developer guide to implementing secure authentication in modern applications. Covers OAuth 2.0, OIDC, passwordless authentication, passkeys, and enterprise SSO with production-ready code examples. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/the-complete-guide-to-authentication-implementation-for-modern-applications/
-
Hugging Face infra abused to spread Android RAT in a large-scale malware campaign
Abuse through smart hosting: Hugging Face is a go-to platform for developers hosting machine learning models, datasets, and tooling. According to Bitdefender, the resource is now being leveraged to mask malicious downloads amidst legitimate activity. While the platform uses ClamAV scanning on uploads, these controls currently fall short of filtering out cleverly disguised malware repositories,…
-
NDSS 2025 TrajDeleter: Enabling Trajectory Forgetting In Offline Reinforcement Learning Agents
Session 10D: Machine Unlearning
Authors, Creators & Presenters: Chen Gong (University of Virginia), Kecen Li (Chinese Academy of Sciences), Jin Yao (University of Virginia), Tianhao Wang (University of Virginia)
PAPER: TrajDeleter: Enabling Trajectory Forgetting in Offline Reinforcement Learning Agents
Reinforcement learning (RL) trains an agent from experiences interacting with the environment. In scenarios where online…
-
SSO vs. Federated Identity Management: A Guide
Managing digital identities for both human and non-human users is a central challenge for modern organizations. As companies adopt more SaaS platforms, microservices, and multi-cloud environments, they face two major identity challenges: Each login represents a potential vulnerability and productivity loss. According to 1Password, one in three employees (34%) reuse passwords at work,…
-
AHA Releases New Guides to Strengthen Hospital Emergency and Cyber Preparedness
Healthcare organizations in the United States face threats, ranging from public health emergencies to cyberattacks. To support hospitals and health systems in enhancing their preparedness and resilience, the American Hospital Association (AHA) has released two comprehensive resources for cyber preparedness in healthcare. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cyber-preparedness-in-healthcare/
-
Single Sign-on Account Management in App Stores
Tags: guide
Learn how to manage Single Sign-on (SSO) account identities within app stores for enterprise security. Guide for CTOs on OIDC, SAML, and CIAM integration. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/single-sign-on-account-management-in-app-stores/
-
CISA publishes a post-quantum shopping list for agencies. Security professionals aren’t sold
A guide aims to help tech buyers navigate their switch to post-quantum encryption, but experts cautioned that most products and backend internet protocols have yet to be updated. First seen on cyberscoop.com Jump to article: cyberscoop.com/cisa-post-quantum-cryptography-procurement-guide-expert-criticism/
-
Unplugged holes in the npm and yarn package managers could let attackers bypass defenses against Shai-Hulud
Tags: authentication, bug-bounty, control, corporate, defense, email, github, guide, hacker, malicious, malware, microsoft, vulnerability
disabling the ability to run lifecycle scripts, commands that run automatically during package installation, saving lockfile integrity checks (package-lock.json, pnpm-lock.yaml, and others) to version control (git). The lockfile records the exact version and integrity hash of every package in a dependency tree. On subsequent installs, the package manager checks incoming packages against these hashes, and if…
-
CISA Releases List of Post-Quantum Cryptography Product Categories
CISA released initial list of PQC-capable hardware and software to guide companies amid quantum threats First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cisa-post-quantum-cryptography/
-
Week in review: Fully patched FortiGate firewalls are getting compromised, attackers probe Cisco RCE flaw
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: Review: AI Strategy and Security AI Strategy and Security is a guide for … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/25/week-in-review-fully-patched-fortigate-firewalls-are-getting-compromised-attackers-probe-cisco-rce-flaw/
-
ISO 27001:2013 vs 2022 A Quick Comparison Guide
ISO 27001 is an internationally recognized standard that defines the requirements for establishing, implementing, maintaining, and continuously improving an Information Security Management System (ISMS) within an organization. First introduced in 1999, the standard has evolved through multiple revisions to address changing security needs. The most recent update, ISO 27001:2022, was released on October 25, 2022,…
-
This guide will show you how to create SAML Identity management.
Learn how to build and manage SAML identity for enterprise SSO. Detailed guide on claims, certificates, and migrating from ADFS for CTOs and VPs of Engineering. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/this-guide-will-show-you-how-to-create-saml-identity-management/
-
Architecting the Enterprise SAML Handshake: A CTOs Guide to Service Provider Implementation
Master SAML Service Provider implementation. Learn how to secure authentication, manage assertions, and scale enterprise SSO for B2B platforms. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/architecting-the-enterprise-saml-handshake-a-ctos-guide-to-service-provider-implementation/

