All news with #oauth misconfig tag

Tue, August 12, 2025

CrowdStrike Named Leader in GigaOm SSPM Radar 2025

#AI Security #CrowdStrike #Identity Posture #Identity Threat Detection #OAuth Misconfig #Service Accounts #Shadow AI

🔒 CrowdStrike has been named the only Leader and Outperformer in the 2025 GigaOm Radar for SaaS Security Posture Management (SSPM). The recognition highlights the CrowdStrike Falcon platform's unified, AI-native approach—combining Falcon Shield, identity protection and cloud security—to detect and remediate misconfigurations, identity threats, and unauthorized SaaS access. Falcon Shield's extensive integrations, automated policy responses via Falcon Fusion SOAR, and GenAI-focused controls underpin its market-leading posture and support continuous visibility across human and non-human identities.

Tue, July 15, 2025

Securing Cloud Identity Infrastructure Through Collaboration

#Conference #HSM #IAM #Identity Threat Detection #JWT Weakness #Key Management #OAuth Misconfig #OIDC Misuse #Secrets Management #Token Exchange

🔒 CISA's Joint Cyber Defense Collaborative (JCDC) is coordinating with major cloud providers and federal partners to strengthen core cloud identity and authentication systems against sophisticated, nation-state affiliated threats. Recent incidents have exposed risks from token forgery, compromised signing keys, stolen credentials, and gaps in secrets management, logging, and governance. On June 25, a technical exchange convened experts from industry and government to share best practices and explore mitigations such as stateful token validation, token binding, improved secrets rotation and storage, hardware security modules, and enhanced logging to better detect and respond to malicious activity.