Tag: identity
-
One Identity Appoints Gihan Munasinghe as Chief Technology Officer
Alisa Viejo, United States, February 4th, 2026, CyberNewsWire One Identity, a leader in unified identity security, today announced the appointment of Gihan Munasinghe as Chief Technology Officer. Munasinghe brings more than 15 years of experience leading global engineering organizations and delivering large-scale, customer-centric software platforms. In this role, he will lead the engineering organization and set…
-
Building a Zero-Trust Framework for Cloud Banking
Zero-trust architecture helps banks secure cloud environments, meet regulations, and scale innovation through identity-first security. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/building-a-zero-trust-framework-for-cloud-banking/
-
One Identity Appoints Gihan Munasinghe as Chief Technology Officer
Alisa Viejo, United States, 4th February 2026, CyberNewsWire First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/one-identity-appoints-gihan-munasinghe-as-chief-technology-officer/
-
One Identity Appoints Gihan Munasinghe as Chief Technology Officer
Alisa Viejo, United States, 4th February 2026, CyberNewsWire First seen on hackread.com Jump to article: hackread.com/one-identity-appoints-gihan-munasinghe-as-chief-technology-officer/
-
Auto finance fraud is costing dealers up to $20,000 per incident
Auto retailers see fraud as a regular part of selling and financing vehicles, something that shows up often enough to plan around, according to Experian. Income and identity … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/04/auto-dealers-finance-fraud-losses/
-
What ensures NHI are protected in cloud platforms
What Makes Non-Human Identities Critical for Cloud Security? Have you considered how organizations can effectively secure their digital assets in cloud platforms? While we delve deeper into the digital space, the focus on securing data through robust Non-Human Identity (NHI) management has become paramount. NHIs, which are essentially machine identities, play a pivotal role in……
-
Flare Report: Infostealers Are Fueling Enterprise Identity Attacks
Flare research shows infostealers are increasingly exposing enterprise identity credentials, driving higher-impact compromises. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/flare-report-infostealers-are-fueling-enterprise-identity-attacks/
-
AI Agent Identity Management: A New Security Control Plane for CISOs
Autonomous AI agents are creating a new identity blind spot as they operate outside traditional IAM controls. Token Security shows why managing the full lifecycle of AI agent identities is becoming a critical CISO priority. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ai-agent-identity-management-a-new-security-control-plane-for-cisos/
-
Apache Syncope Vulnerability Allows Attackers to Hijack Active User Sessions
Apache Syncope, a popular open-source identity and access management platform, has disclosed a critical XML External Entity (XXE) vulnerability in its Console component. The vulnerability, tracked as CVE-2026-23795, allows authenticated administrators to execute XXE attacks and extract sensitive data from affected systems. Security researchers Follycat and Y0n3er discovered the flaw, which affects multiple versions of…
-
Why Identity Threat Detection Response Matters in 2026?
In 2026, identity has firmly established itself as the new security perimeter. As enterprises accelerate cloud adoption, enable remote workforces, and integrate SaaS and third-party ecosystems, attackers are no longer trying to “break in”; they are simply logging in. Compromised identities now sit at the center of most advanced breaches, making Identity Threat Detection &……
-
Shai-Hulud & Co.: The software supply chain as Achilles’ heel
Tags: access, ai, application-security, attack, backdoor, ciso, cloud, credentials, cyber, github, Hardware, identity, infrastructure, kritis, kubernetes, malicious, network, nis-2, programming, risk, rust, sbom, software, strategy, supply-chain, threat, tool, vulnerability, wormThe polyglot supply chain attack: The most frightening prospect, however, is the convergence of these threats in a polyglot supply chain attack. Currently, security teams operate in isolation. AppSec monitors the code, CloudSec monitors the cloud, NetworkSec monitors the perimeter. A polyglot attack is designed to seamlessly break through these silos.This happens as follows: A…
-
Think agentic AI is hard to secure today? Just wait a few months
Cost effective fix: Do nothing: Kodezi’s Khan offers an interesting fix for that foundational problem: Don’t even try. He argues it’s a money pit that will never be fully resolved. Instead, he suggests pouring resources into creating a strict identity strategy for every NHI going forward. “Aim for containment rather than for perfection. You can’t really govern…
-
Why boards must prioritize non-human identity governance
Boards of Directors (BoDs) do three things exceptionally well when cyber is framed correctly. They set risk appetite, they allocate capital, and they demand evidence that the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/02/03/gitguardian-boards-nhi-governance/
-
Configuring WS-Federation Single Sign-on for Resources
Tags: identityLearn how to configure WS-Federation SSO for enterprise resources. A deep dive into identity delegation, claim mapping, and securing legacy apps for engineering leaders. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/configuring-ws-federation-single-sign-on-for-resources/
-
Transparency in Decline as Data Breaches Hit New High
ITRC Report: 2025 Breach Notices Lack Critical Details as AI-Based Attacks Surge. The Identity Theft Resource Center tracked a record 3,322 U.S. data breaches in 2025, more than any previous year. Yet, only 30% of breach notices included actionable details that other defenders need. ITRC’s James Lee warns that this lack of transparency puts people…
-
What’s New in Tenable Cloud Security: Multi-cloud Risk Analysis, Attack Surface Assessments, Improved IAM Security and More
Tags: ai, attack, cloud, compliance, data, data-breach, endpoint, gartner, google, governance, iam, identity, infrastructure, Internet, least-privilege, microsoft, mitigation, network, radius, risk, risk-analysis, service, supply-chain, switch, tool, training, vulnerabilityTenable Cloud Security continues to expand the technical depth of our Tenable One exposure management platform. Our latest enhancements include unified multi-cloud exploration, high-fidelity network validation, and expanded entitlement visibility across infrastructure and identity providers. Key takeaways Graph-based multi-cloud exploration: We’ve leveraged our unified data model to provide deep visibility across all cloud environments. You…
-
Shift Left Is Dead for Cloud PAM
Why I Stopped JIT’ing Users and Started JIT’ing Permissions By Cole HorsmanField CTO, Sonrai Security I first tried to “shift left” cloud identity in early 2020. We were building a greenfield AWS environment with a strong cloud team and leadership support to do things properly. The idea was familiar: push security decisions earlier, give developers……
-
Canva uses 1Password to secure ID during growth phase
Tags: identityAs it underwent a growth spurt in the early 2020s, graphic design platform Canva turned to 1Password to manage identity across its expanding organisation First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366638181/Canva-uses-1Password-to-secure-ID-during-growth-phase
-
Interview: Why identity is the nucleus for cyber security
Amid a wave of market consolidation, Computer Weekly speaks to Keeper Security’s leadership on how identity and access management systems are becoming unified identity platforms capable of securing both human and machine identities First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366638413/Interview-Why-identity-is-the-nucleus-for-cyber-security
-
How risk culture turns cyber teams predictive
Tags: access, compliance, control, credentials, cyber, cybersecurity, data-breach, detection, identity, intelligence, jobs, ransomware, resilience, risk, serviceRisk culture: What it is when you strip the slogans: People talk about culture like it’s soft. Posters. Values. A town hall with applause on cue.Culture is harder. Culture is what people do when nobody is watching, and when the clock is loud. Culture is what gets you the truth at 4 p.m., not at…
-
Why non-human identities are your biggest security blind spot in 2026
Tags: access, api, breach, cloud, control, credentials, data-breach, github, google, governance, identity, least-privilege, password, service, threat, toolThe three blind spots I keep finding: After years working in cloud security and identity management, certain patterns show up everywhere I look. Three problems in particular appear in nearly every environment I assess. Secrets where they should never be. I still find API keys hardcoded in source files. Still. In 2026. Last year, GitGuardian…
-
Google Uncovers Major Expansion in ShinyHunters Threat Activity Using New Tactics
Tags: authentication, corporate, credentials, cyber, cybercrime, extortion, google, identity, mfa, phishing, service, software, tactics, threatA substantial expansion in cybercrime operations using tactics consistent with ShinyHunters-branded extortion campaigns. These sophisticated operations employ advanced voice phishing (vishing) and victim-branded credential harvesting websites to compromise corporate environments by stealing single sign-on (SSO) credentials and multi-factor authentication (MFA) codes. While the methodology of targeting identity providers and Software-as-a-Service (SaaS) platforms remains consistent with…
-
Web Single Sign-on with WS-Federation
Tags: identityDeep dive into Web Single Sign-on with WS-Federation. Learn how to implement secure federated identity, manage STS, and bridge legacy apps with modern CIAM. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/02/web-single-sign-on-with-ws-federation/
-
Best E-Signature Solutions For Secure Digital Signing In 2026
As digital transactions become the backbone of modern business, secure electronic signatures are no longer optional. In 2026, organizations face increasing risks related to document fraud, identity theft, and regulatory violations. Choosing the right e-signature solution is now a cybersecurity decision, not just a productivity upgrade. This guide covers the best e-signature solutions for cybersecurity,…
-
Agentic AI and Non”‘Human Identities Demand a Paradigm Shift In Security: Lessons from NHIcon 2026
In the race to innovate, software has repeatedly reinvented how we define identity, trust, and access. In the 1990’s, the web made every server a perimeter. In the 2010’s, the cloud made every identity a workload. Here in 2026, agentic AI makes every action autonomous. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/agentic-ai-and-non%e2%80%91human-identities-demand-a-paradigm-shift-in-security-lessons-from-nhicon-2026/
-
10 Best B2B Fintech SSO Solutions in 2026
Discover the best B2B fintech SSO solutions for 2026. Compare SAML, SCIM, SOC2-ready identity providers built for enterprise fintech needs. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/10-best-b2b-fintech-sso-solutions-in-2026/
-
Exploring Identity Management and CardSpace Technology
A deep dive into the evolution of identity management and cardspace technology. Learn how modern enterprise sso and ciam solutions replace legacy frameworks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/01/exploring-identity-management-and-cardspace-technology/
-
Human risk management: CISOs’ solution to the security awareness training paradox
Tags: access, ai, awareness, ciso, compliance, cyber, cybersecurity, data, email, identity, intelligence, malicious, mitigation, risk, risk-management, strategy, tool, trainingWhat is human risk management?: HRM is defined as a cybersecurity strategy that identifies, measures, and reduces the risks caused by human behavior. Simply stated, security awareness training is about what employees know; HRM is about what they do (i.e., their actual cybersecurity behavior).To be more specific, HRM integrates into email security tools, web gateways,…
-
Human risk management: CISOs’ solution to the security awareness training paradox
Tags: access, ai, awareness, ciso, compliance, cyber, cybersecurity, data, email, identity, intelligence, malicious, mitigation, risk, risk-management, strategy, tool, trainingWhat is human risk management?: HRM is defined as a cybersecurity strategy that identifies, measures, and reduces the risks caused by human behavior. Simply stated, security awareness training is about what employees know; HRM is about what they do (i.e., their actual cybersecurity behavior).To be more specific, HRM integrates into email security tools, web gateways,…