What is changing from OAuth 2.0 to OAuth 2.1? OAuth (Open Authorization) pronounced "oh-auth" is a technological standard that allows you to share information between services without exposing your password. OAuth Single Sign-On (SSO) protocol provides the application the capability for secure designated access and sharing of information with enterprise applications OAuth Single Sign-On is [...] Read More →
JIT provisioning automates the creation and updation of user accounts in web applications. It delivers information from an identity provider to web apps via the SAML (Security Assertion Markup Language) protocol. IT administrators no longer have to manually create accounts for each user in every application thanks to JIT provisioning. Rather, user accounts are created [...] Read More →
What is SAML? SAML (Security Assertion Markup Language) is an open standard that enables Identity Providers (IdPs) to send authorization credentials to service providers (SP). For standardized interactions between the identity provider and service providers, transactions through this protocol use Extensible Markup Language (XML). It is the link between a user's identity authentication and their [...] Read More →
What is IDaaS? IDaaS - Identity-as-a-Service, refers to identity management and access management services offered via the cloud rather than on-premises. Identity services maintain the information related to digital entities. In this form, it can be accessed and used in electronic transactions. An "as-a-service" model represents an operation where an external organization provides a service [...] Read More →
On September 2021, an attacker published credentials for 87,000 FortiGate SSL VPN devices online and created a huge threat to VPN Security by exploiting a known, old vulnerability. Investigators concluded that the credential was obtained by exploiting CVE-2018-13379, a vulnerability that allows unauthenticated attackers to download system files via specially crafted HTTP resource requests. Its [...] Read More →