
All news with #identity security tag

144 articles · page 4 of 8

CrowdStrike FalconID Adds Phishing-Resistant MFA Support

🔐 FalconID is now generally available, delivering phishing‑resistant, FIDO2-based authentication built into the Falcon sensor and delivered via the Falcon for Mobile app. It replaces passwords, push notifications and one‑time codes with biometric, device‑bound verification and cryptographic domain binding. Authentication decisions are driven by real‑time identity, endpoint and SaaS telemetry to minimize friction while blocking credential abuse. For legacy apps, FalconID offers secure indirect authentication, and when paired with SGNL it enables continuous, risk‑based authorization across environments.

Identity-First AI Security: Adding Intent to Access

🔐 Today’s enterprise AI agents are no longer passive assistants but active operators that authenticate to systems using API keys, OAuth tokens, cloud roles, and service accounts. The article advocates treating every agent as a first-class identity with unique identities, lifecycle management, defined roles, clear ownership, and auditability. It warns that identity alone is insufficient because agents are dynamic and can drift from original missions; instead it promotes intent-based permissioning, activating privileges only when an agent's declared mission and runtime context justify the action. Practical steps include inventorying agents, assigning lifecycle-managed identities, documenting approved missions, and enforcing conditional access based on identity, intent, and context.

Prioritizing Identity Risk by Context, Not Ticket Volume

🔐 Most identity programs still triage work like IT ticket queues—by volume, noise, or failed control checks—an approach that breaks when environments are increasingly non-human and partially onboarded. Identity risk is a function of controls posture, hygiene, business context, and intent; missing controls matter differently depending on what an identity can access. Hygiene failures such as orphan, local, or dormant accounts create low-effort paths for attackers and autonomous agents. Orchid builds an identity graph from telemetry, scores contextual risk, ranks toxic combinations, and sequences remediation to reduce real exposure rather than just shrink a findings list.

When Identity Isn't the Weak Link, Access Still Is

🔐 Modern workforce mobility has made identity verification necessary but insufficient: authentication proves who a user is, not how risky their access may be. Attackers increasingly exploit device and session blind spots — legacy protocols, unmanaged endpoints, token theft, and MFA bypass — to reuse trusted identities. Specops's Infinipoint extends verification beyond login by continuously assessing both user and device to reduce these exposure points without disrupting productivity.

Identity Posture Becomes Key Metric in Cyber Underwriting

🔒 Insurers and regulators are increasingly using identity posture as a primary underwriting metric, shifting focus from isolated technical controls to evidence of ongoing identity governance. Evaluations emphasize password hygiene, visibility into credential exposure, privileged access management, and comprehensive MFA coverage across remote, email, and privileged access paths. Organizations that can demonstrate continuous monitoring, regular access certification, and the removal of shared or never‑expiring credentials are more likely to secure favorable premiums and avoid claim disputes.

Infostealers: Turning Stolen Credentials into Identities

🔐 Modern infostealers harvest credentials, session data, cookies, and local files, turning a single compromise into a persistent identity asset. Specops researchers analyzed over 90,000 infostealer dumps and more than 800 million rows, showing how disparate signals tie accounts, employers, and roles to real people. By blocking known-compromised passwords across Active Directory, Specops Password Policy aims to reduce reuse and downstream enterprise risk.

Exposing Insider Threats with Data, Identity & HR Context

🔍 CrowdStrike describes how combining Falcon Data Protection, Falcon Next-Gen Identity Security, and HR context enables detection of insider threats through multi-layer telemetry correlation, behavioral baselines, and automated risk scoring. The Insider Threat Analytics and User Activity Investigation dashboards surface anomaly hunting leads — rare destinations, first-seen egress, off-hours activity, USB and unusual endpoint transfers — and provide prioritized user risk lists. Workday integration and content inspection improve visibility for departing employees and sensitive data.

Passwords to Passkeys: ISO 27001 Compliance Practical Guide

🔐 Password-based authentication is increasingly replaced by passkeys—FIDO2/WebAuthn-backed credentials that store private keys on devices and typically meet AAL2/AAL3 assurance per NIST SP 800-63B. This article explains how organizations can adopt passkeys while remaining compliant with ISO/IEC 27001, mapping changes to Annex A controls (Access Control, Authentication Information, Secure Authentication) and documenting risk treatment. It highlights benefits, common risks such as device loss and downgrade attacks, and practical migration steps for enterprise deployment.

Why Identity Recovery Is Central to Cyber Resilience

🔐 Ransomware has shifted boardroom and security priorities by showing that identity compromise can block recovery even after applications and data are restored. Security leaders now treat identity recovery as a designed capability, emphasizing immutable backups, automated restoration for Active Directory, and isolated backup platforms. Vendors such as Cognizant and Rubrik are positioning integrated services that combine orchestration, rapid recovery, and compliance-ready reporting to shorten downtime and reduce attacker re-entry risk.

CrowdStrike Customers' Choice in 2026 User Authentication

🔒 CrowdStrike has been named a Customers’ Choice in the 2026 Gartner Peer Insights Voice of the Customer for User Authentication report. For the second consecutive year it led with the highest volume of verified reviews, receiving 129 five‑star ratings out of 179 responses and a 96% Willingness to Recommend score. CrowdStrike highlights Falcon Next‑Gen Identity Security as an AI‑powered, continuous identity protection solution and notes intent to acquire SGNL to add continuous dynamic authorization and remove standing privileges.

Securing Every Identity in the AI-Driven Enterprise

🔐 CyberArk is joining Palo Alto Networks to elevate identity security as a core platform pillar for cloud, automation and AI-driven environments. The post argues identity is now the primary attack vector: machine identities outnumber humans by more than 80:1 and 87% of organizations experienced multiple identity-centric breaches in the past year. It calls for continuous visibility, dynamic privilege controls and unified governance to secure human, machine and AI agents and reduce opportunities for lateral movement.

Amazon WorkSpaces Secure Browser Adds Custom Domains

🔒 Administrators can now configure Amazon WorkSpaces Secure Browser portals to use custom domains, replacing the default portal URL to align browser sessions with organizational branding. After adding the custom domain and routing traffic via a reverse proxy (for example, Amazon CloudFront), Secure Browser redirects users to the configured domain after authentication. Authentication supports AWS Identity Center or a customer IdP with both IdP-initiated and SP-initiated flows, and the feature is available at no extra charge in 10 AWS Regions.

Loyalty Is Not Security: What CISOs Must Reconsider

🔒 The article argues that organizations commonly mistake tenure, performance, or verbal commitment for durable loyalty, creating a blind spot for insider risk. Loyalty is dynamic—shaped by fairness, hardship, and alignment—and can erode into resentment, data theft, or sabotage. The author advocates continuous, tiered verification, privacy-respecting monitoring, and AI-aware controls, citing Trusted Workforce 2.0 as a blueprint and cost comparisons that favor proactive programs.

Orchid Security Adds Continuous Identity Observability

🔎 Orchid Security has introduced a continuous identity observability platform that discovers, analyzes, and governs identity usage inside enterprise applications. The solution instruments applications to reveal embedded credentials, non‑human identities, custom authentication flows, and access paths that bypass IAM controls. It then prioritizes risks, routes findings to control owners, and integrates with IAM, PAM, and GRC workflows to drive remediation and provide continuous audit-ready evidence.

AI Agent Identity Management: New Control Plane for CISOs

🔐 AI agents—custom GPTs, copilots, coding agents and other autonomous tooling—are proliferating in production while remaining largely outside traditional IAM, PAM, and IGA controls. The piece argues for treating agents as a distinct identity class and applying continuous identity lifecycle management to ensure visibility, ownership, dynamic least privilege, and auditability. Rather than slowing adoption, this approach positions identity as the control plane for balancing innovation and security.

Non-Human Identities: The Overlooked Security Risk in 2026

🔐 Non-human identities — service accounts, API keys, automation credentials and AI agents — are proliferating across cloud environments and often sit outside governance, creating high-risk blind spots. The author recounts finding a dormant Azure service account with owner-level access and dozens of similar accounts, and cites industry data showing machine-to-human ratios of up to 500:1. He recommends continuous discovery, strict least-privilege defaults, elimination of static credentials and automated rotation to reduce this primary breach vector.

Scaling AWS Managed Microsoft AD: Monitoring and Options

🔍 This post explains how to scale AWS Managed Microsoft AD by choosing between scale-up (edition upgrade to Enterprise) and scale-out (adding domain controller instances), and shows how to use Amazon CloudWatch dashboards to monitor directory health. It highlights key metrics—CPU, memory, disk, I/O, network, and DNS—recommended thresholds, and alerting guidance to inform scale decisions. The guidance recommends preferring reversible scale-out for capacity issues and reserving scale-up for Enterprise-only features such as multi-Region replication and large object counts.

Top CISO Priorities for 2026: AI, Identity, Resilience

🔐 Taylor Lehmann outlines five CISO priorities for 2026, urging leaders to align compliance work with broader operational resilience rather than treating regulation as the only objective. He emphasizes securing the AI supply chain with end-to-end provenance and tools such as SLSA and SBOM, and strengthening identity management for humans and agents. Lehmann also calls for defenses that operate at machine speed and for improved AI governance through context, advanced testing, and red teaming.

Public Sector Cyber Outlook 2026: Identity and AI Trust

🔒 AI integration has shifted public-sector cybersecurity in 2026, forcing agencies to adopt AI-native detection and autonomous response, continuous identity verification, and secure-by-design AI deployments. Nation-state actors now automate intrusion, deception, and tailored malware, expanding risk to IT, OT and research environments. Agencies must consolidate platforms, accelerate post-quantum planning, and govern AI at mission scale.

Four priorities for AI-powered identity and network access

🔐 Microsoft recommends four priorities for identity and network access in 2026: deploy fast, adaptive AI protection; manage and govern AI agents as first-class identities; unify identity and network controls into an Access Fabric; and strengthen identity foundations with phishing-resistant credentials and high-assurance recovery. The post cites Microsoft Entra capabilities and studies showing faster, more accurate admin workflows, and emphasizes applying Zero Trust to agents, networks, and devices.