Tag: identity
-
6 key trends reshaping the IAM market
Tags: access, ai, attack, authentication, ciso, compliance, corporate, cyber, cybersecurity, data, dora, finance, framework, governance, government, Hardware, iam, identity, mfa, mobile, network, nis-2, passkey, password, PCI, phone, regulation, saas, service, startup, strategy, technologyPasswordless authentication on the rise: Passwords have long been the weakest link in most security architectures.Many mobile phones and laptops already use biometrics for authentication, and the user experience is typically far better than typing a long and complex password into an interface.The growing uptake of passwordless authentication (FIDO2/passkeys, biometrics) is redefining the scope of…
-
6 key trends reshaping the IAM market
Tags: access, ai, attack, authentication, ciso, compliance, corporate, cyber, cybersecurity, data, dora, finance, framework, governance, government, Hardware, iam, identity, mfa, mobile, network, nis-2, passkey, password, PCI, phone, regulation, saas, service, startup, strategy, technologyPasswordless authentication on the rise: Passwords have long been the weakest link in most security architectures.Many mobile phones and laptops already use biometrics for authentication, and the user experience is typically far better than typing a long and complex password into an interface.The growing uptake of passwordless authentication (FIDO2/passkeys, biometrics) is redefining the scope of…
-
Microsoft hands Entra ID users new option for MFA
Organizations rely on MFA to enforce identity checks before granting access to systems and services. Microsoft has made external MFA generally available in Microsoft Entra ID, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/25/microsoft-entra-id-external-mfa/
-
Identity Attack Path Management: SpecterOps erweitert Lösungsangebot auf Okta, GitHub und Mac
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/identity-attack-path-management-specterops
-
Why Prevention Isn’t Enough: Shifting to True Operational Resilience in 2026
Enterprises must move beyond prevention to prioritize identity resilience, rapid containment, and recovery as core cybersecurity capabilities. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/cybersecurity/true-operational-resilience/
-
Securden Unveils Unified Identity Security Platform at RSAC 2026, Combining PAM, EPM, IGA, and More
Securden launched what it calls the world’s first truly unified identity security platform at RSA Conference 2026, consolidating privileged access management, endpoint privilege management, identity governance, cloud entitlement management, non-human identity security, and AI agent security into a single product. The announcement targets a persistent problem in enterprise security: organizations typically address these identity security..…
-
imper.ai Launches Workforce Identity Security Platform at RSAC 2026
imper.ai made its public debut at RSAC 2026 with the launch of its Workforce Identity Security platform, built to stop impersonation and account takeover across the employee lifecycle. The company is targeting a specific gap it says current identity tools leave wide open: attackers who bypass authentication entirely rather than breaking through it. As phishing-resistant..…
-
Introducing the Identity and Access Gaps in the Age of Autonomous AI Survey Report
2 min readThe Trivy incident exposed a credential architecture failure, not just a supply chain one. Here’s the case for workload identity and access. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/introducing-the-identity-and-access-gaps-in-the-age-of-autonomous-ai-survey-report/
-
Azure APIM Signup Bypass: 97.9% of Developer Portals Still Exploitable Anonymously and from the Internet
The Azure APIM signup bypass is a critical vulnerability affecting 97.9% of internet-facing Developer Portals. Azure API Management (APIM) exposes APIs to external consumers through a Developer Portal, the interface where developers self-register, obtain API keys, and make API calls. The default APIM configuration ships with Basic Authentication enabled as the identity provider and the……
-
Azure APIM Signup Bypass: 97.9% of Developer Portals Still Exploitable Anonymously and from the Internet
The Azure APIM signup bypass is a critical vulnerability affecting 97.9% of internet-facing Developer Portals. Azure API Management (APIM) exposes APIs to external consumers through a Developer Portal, the interface where developers self-register, obtain API keys, and make API calls. The default APIM configuration ships with Basic Authentication enabled as the identity provider and the……
-
The AI safety conversation is focused on the wrong layer
Organizations have spent years accumulating fragmented identity systems: too many roles, too many credentials, too many disconnected tools. For a workforce of humans, that … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/24/ai-agent-identity-security-systems/
-
Zero Trust: Bridging the Gap Between Authentication and Trust
Passing MFA doesn’t mean a session is safe, attackers can hijack tokens and bypass identity checks. Specops Software explains why Zero Trust must verify both user identity and device health. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/zero-trust-bridging-the-gap-between-authentication-and-trust/
-
Huntress Brings ITDR to Google Workspace as Identity Attacks Surge
Huntress has announced it is extending its Managed Identity Threat Detection and Response (ITDR) solution to Google Workspace, marking a significant expansion of the company’s cloud identity security coverage and coming at a telling moment. The announcement, made today at RSA Conference in San Francisco, coincides with Huntress surpassing 10 million Microsoft 365 identities protected…
-
Microsoft Proposes Better Identity, Guardrails for AI Agents
Companies need better controls to manage key threats rising from the growth of agentic AI. These new features provide a starting point. First seen on darkreading.com Jump to article: www.darkreading.com/identity-access-management-security/microsoft-proposes-better-identity-guardrails-ai-agents
-
Omada Identity ernennt Jakob H. Kraglund zum neuen CEO
Omada Identity, ein weltweit führender Anbieter von KI-gestützter Identitätssicherheit und -Governance, gab die Ernennung von Jakob H. Kraglund zum Chief Executive Officer (CEO) bekannt. Kraglund kommt mit einer beachtlichen Erfolgsbilanz in den Bereichen Wachstum und digitale Transformation zu Omada Identity. Zuletzt war er CEO bei Targit, ebenfalls einem Unternehmen im Portfolio von GRO, das kürzlich…
-
Streamline physical security to enable data center growth in the era of AI
Tags: access, ai, automation, best-practice, business, control, data, framework, identity, risk, threat, tool, vulnerabilityThink beyond delivery : Every company operates as an economy of projects. But at AI scale, projects must evolve into programs. Designing and delivering AI-capable data centers requires an integrated, fast-moving production model built on repeatable processes and structured knowledge transfer. Intelligent reuse of project elements, including toolsets, intellectual property, templates, design standards and best practices, becomes…
-
Oracle Issues Emergency Patch for Critical Flaw Enabling Remote Code Execution
Tags: advisory, cvss, cyber, flaw, identity, oracle, remote-code-execution, service, update, vulnerabilityOracle has released an emergency out”‘of”‘band patch to address a critical vulnerability, tracked as CVE”‘2026″‘21992, that affects two core enterprise products: Oracle Identity Manager and Oracle Web Services Manager. The flaw, disclosed on March 19, 2026, carries a CVSS v3.1 base score of 9.8, placing it in the highest severity category and prompting an urgent…
-
Palo Alto updates security platform to discover AI agents
Next Generation Trust Security: Separately, Palo Alto Networks also announced a new digital certificate lifecycle management platform, following the closing last month of its acquisition of CyberArk.By integrating CyberArk’s machine identity intelligence into the network, NGTS closes the gap between the teams managing certificates and the teams responsible for uptime, Palo Alto Networks said in…
-
Palo Alto updates security platform to discover AI agents
Next Generation Trust Security: Separately, Palo Alto Networks also announced a new digital certificate lifecycle management platform, following the closing last month of its acquisition of CyberArk.By integrating CyberArk’s machine identity intelligence into the network, NGTS closes the gap between the teams managing certificates and the teams responsible for uptime, Palo Alto Networks said in…
-
Palo Alto updates security platform to discover AI agents
Next Generation Trust Security: Separately, Palo Alto Networks also announced a new digital certificate lifecycle management platform, following the closing last month of its acquisition of CyberArk.By integrating CyberArk’s machine identity intelligence into the network, NGTS closes the gap between the teams managing certificates and the teams responsible for uptime, Palo Alto Networks said in…
-
Palo Alto updates security platform to discover AI agents
Next Generation Trust Security: Separately, Palo Alto Networks also announced a new digital certificate lifecycle management platform, following the closing last month of its acquisition of CyberArk.By integrating CyberArk’s machine identity intelligence into the network, NGTS closes the gap between the teams managing certificates and the teams responsible for uptime, Palo Alto Networks said in…
-
OmniTrust Launches Trust Lifecycle Management Platform to Unify Device, Identity, and AI Agent Security
OmniTrust, formerly INTEGRITY Security Services, formally launched at RSAC 2026 Monday with the debut of its Trust Lifecycle Management (TLM) platform. The company, which became an independent entity in late 2024 after operating within Green Hills Software, is applying decades of safety-critical security work to a new problem: the fragmented state of enterprise trust across..…
-
Cisco Ships Zero Trust for AI Agents, Self-Service Red Teaming, and Agentic SOC Tools at RSAC 2026
Cisco announced a broad set of security products at RSAC 2026 Monday aimed at securing the growing use of AI agents in enterprise environments. The announcements span identity management, pre-deployment testing, open-source tooling, and SOC automation. The centerpiece is Zero Trust Access for AI agents, which extends Cisco’s existing access control model to cover agentic..…
-
Tuskira Unveils Federated Detection Engine at RSAC 2026
Tuskira announced its Federated Detection Engine at RSA Conference 2026, adding a new capability to its Agentic SecOps platform that lets security teams detect threats in real time directly across cloud, identity, endpoint, network, SaaS, infrastructure, and legacy SIEM environments without centralizing logs first. The traditional model of detection engineering depends on pulling data into..…
-
Ex-US Soldier Among 3 Sentenced for DPRK IT Worker Scam
IT Worker Scheme, Laptop Farm Siphon Funds Back to North Korea. A U.S. federal judge sentenced a now-former Army soldier to one year in prison Friday for renting his identity to North Korean IT workers who used it to collect more than $193,000 in salaries from American companies. Also sentenced were two California men who…
-
Zero Trust Anchors AI Security Strategy
Zscaler’s Jay Chaudhry on Infrastructure, Agents and Oversight. Zscaler CEO Jay Chaudhry explains why distributed infrastructure and zero trust models will shape AI security, the agent risks mirroring human threats and why strong oversight and identity validation remain essential for mission-critical applications. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/zero-trust-anchors-ai-security-strategy-a-31119
-
AccuKnox Launches AI-Security 2.0 to Extend Zero Trust Protection to AI Models and Agents
AccuKnox launched AI-Security 2.0 at RSA Conference 2026, positioning the platform as an identity-powered, Zero Trust framework built specifically for securing AI models, agents, and data. The release includes eight integrated modules, six of which are generally available and two in beta. The GA modules cover the core risk surface organizations encounter when running AI..…
-
The Trivy Compromise: The Fallacy of Secrets Management and the Case for Workload Identity
6 min readThe Trivy incident exposed a credential architecture failure, not just a supply chain one. Here’s the case for workload identity and access. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/03/the-trivy-compromise-the-fallacy-of-secrets-management-and-the-case-for-workload-identity/
-
SOCRadar Launches AI Agent Marketplace and Identity Intelligence at RSAC 2026
SOCRadar launched its AI Agent Marketplace at RSA Conference 2026, introducing a modular hub where organizations can browse, purchase, and deploy specialized autonomous AI agents within the SOCRadar Extended Threat Intelligence Platform. The release also adds Identity and Access Intelligence capabilities designed to address what the company describes as identity >>blind spots<< across third-party SaaS..…