Skip to main content

Tag: identity security

24 articles

Brightly-lit server room with multiple computer workstations symbolizing identity security risks.

NSA, CISA Warn Federal Agencies of Identity Security Risks

The NSA and CISA are sounding the alarm: identity security risks are now the frontline in federal cybersecurity, with Active Directory and Entra ID being prime targets for cyber attackers. Recent incidents show that nearly 75% of major federal cyber breaches in the last five years involved compromised identities.

Analyst 207
Blurred laptop on minimalist desk in neutral room conveys vulnerability.

AI Agents Expose Identity Security Gap

The alarming truth is that security systems, designed with people in mind, are failing to protect against AI agents - and the consequences are stark. A single compromised machine identity can become a gateway to a vast array of sensitive information, as a recent breach involving an OAuth token and hundreds of organizations painfully illustrates.

Analyst 207
Person sits at cluttered desk with concerned expression, surrounded by papers and laptop.

Identity Crime Incidents Multiply for Victims, ITRC Data Reveals

The alarming rise in identity crime incidents is not just about the numbers, but also the disturbing pattern of recurrence, with nearly 26% of victims experiencing multiple concurrent incidents, according to the Identity Theft Resource Center's 2026 Trends in Identity Report. This growing multi-layered crisis sees single compromises snowballing into additional incidents across accounts and institutions.

Analyst 207
Person sitting at desk with laptop, surrounded by papers, thoughtfully typing or reading in quiet office setting.

Strengthening Active Directory Password Rules Without Frustrating Users

Want to boost your Active Directory password security without driving users crazy? Ditch outdated complexity rules and switch to passphrases - longer, multi-word passwords that are easier to remember and harder for hackers to crack.

Analyst 207
Person interacting with laptop and smartphone at a cluttered desk.

Device Security Must Complement Identity to Thwart Modern Threats

Authentication is no longer enough to guarantee security - even with multi-factor authentication in place, phishing kits can capture session tokens, allowing attackers to bypass security checks undetected. As a result, device security must step up to complement identity and prevent modern threats.

Analyst 207
Dimly lit server room with rows of humming servers and flickering screens, partially shrouded in shadow.

AI Adoption Exposes Identity Security Blind Spots

As organizations rapidly adopt AI, they're unwittingly creating a surge in non-human identities - like AI agents and machine identities - that are outpacing their ability to manage and secure them, leaving them vulnerable to new security risks. This blind spot is exposing companies to excessive privileges, unmanaged access, and orphaned accounts, threatening their security, compliance, and operations.

Analyst 207
Modern office interior with robotic system component in foreground and blurred server room in background.

AI Agents Expose Blind Spots in APAC Enterprise Security

Attackers are now targeting AI agents embedded within APAC enterprises, exploiting weaknesses in non-human identities to gain access to sensitive systems, data, and workflows. This emerging threat highlights a significant blind spot in enterprise security, one that's ripe for exploitation by malicious actors.

Analyst 207
Empty office cubicle with laptop and smartphone on desk, surrounded by blurred office equipment and natural light from a…

AI Agents Expose Organizations to Identity Security Risks

Most organizations are unwittingly rolling out AI agents that can open the door to identity security breaches, with 93% using or planning to use them for sensitive tasks like password resets and VPN access. Despite this, many admit that these agents create new vulnerabilities.

Analyst 207
Employees in a dimly lit office break room subtly exchanging a piece of paper or USB drive.

UK Workers Sell Corporate Logins, Exposing Firms to Cybercrime

One in eight UK employees at large firms have sold or know someone who has sold corporate logins in the past year, a shocking trend that puts companies at risk of cybercrime. Alarming still, many justify this risky behaviour, with senior executives being more likely to think selling credentials is acceptable.

Analyst 207
A computer workstation with a blank laptop screen and scattered papers in a neutral background.

AI Agents Expose Identity Security Gaps

Imagine an AI agent that can uncover thousands of hidden security vulnerabilities, some of which have gone undetected for nearly 30 years - and the potential risks that come with it falling into the wrong hands. A single powerful AI agent can scan for weaknesses faster and more persistently than hundreds of human hackers, highlighting a pressing need for secure deployment.

Analyst 207
Person interacting with laptop in neutral office setting.

Silverfort Injects AI into Access Decisions with Fabrix Buy

With Fabrix acquisition, Silverfort supercharges access decisions with AI, aiming to revolutionize identity security by automating routine tasks and reserving human oversight for high-stakes situations. This game-changing move enables businesses to scale security efficiently, freeing up human experts to focus on critical decisions.

Analyst 207
Security expert examines laptop in lab setting with tech equipment and AI hints.

Microsoft Fixes Entra ID Flaw That Enabled Service Principal Takeovers

Microsoft has patched a vulnerability in Entra ID that allowed hackers to hijack service principals, potentially leading to full takeover of sensitive systems. A security researcher discovered the flaw, which stemmed from overly broad permissions in the Agent ID Administrator role.

Analyst 207
Helpdesk worker sits at cluttered desk, staring at computer screen with password reset page.

Password Resets Expose Vulnerability in Corporate Security

Did you know that password resets can cost companies a whopping $70 each, and with stolen credentials involved in nearly 45% of breaches, it's clear that corporate security is vulnerable to attack.

Analyst 207
A lone figure in a hoodie works on a laptop surrounded by tech, with a robotic arm emerging from shadows.

Artemis Secures $70M to Deploy AI Agents Against Cyber Threats

Meet Artemis, a game-changing startup that's using AI agents to revolutionize the way organizations detect and investigate cyber threats - and they've just secured $70 million in funding to make it happen. By ditching outdated security systems, Artemis is pioneering a bold new approach to threat detection with AI-driven agents that span cloud, identity, and endpoints.

Analyst 207
Fortress-like structure with secure gate looms over discarded, broken key on ground.

Zero Trust Fortifies Identity Security Against Credential Exploits

Stolen credentials are a hacker's dream come true, leading to easy privilege escalation and full network compromise - but what if you could lock down your identities and shut the door on these threats? An identity-first Zero Trust approach is the powerful solution you need to fortify your security.

Analyst 207
Finger hovers over smartphone fingerprint reader with blue LED glow, set against a dark cityscape background.

Biometric Authentication Fortifies Against Stolen Credential Attacks

In a world where stolen credentials can turn authentication systems against us, traditional multifactor authentication can become just another vulnerability to exploit. Biometric authentication offers a powerful solution, fortifying defenses against stolen credential attacks by making it virtually impossible for hackers to replicate your unique identity.

Analyst 207
Securing Identities in a Decentralized Workforce

Securing Identities in a Decentralized Workforce

In today's decentralized workforce, the traditional network perimeter has disappeared, leaving us with a pressing question: who's responsible for securing identities when and where work happens? The shift to hybrid work has created a diffuse and distributed perimeter, where users and applications are scattered across various networks, devices, and clouds, making it harder for traditional security models to keep up.

Analyst 207
Serene desert oasis at dusk with futuristic cityscape, watchful eyes reflected in still pool amidst lush greenery and a…

Oasis Bolsters Agentic Security with $120M Series B

As AI adoption surges, a critical question emerges: how can organizations safeguard their security and integrity while scaling AI agents and automated systems? Oasis Security tackles this challenge head-on with a $120M Series B investment, empowering enterprises to securely manage the explosion of non-human identities and AI agents.

Analyst 207
CrowdStrike Stunning SGNL Deal Offers Best Identity Shield

CrowdStrike Stunning SGNL Deal Offers Best Identity Shield

CrowdStrike’s $740M acquisition of SGNL flips identity security from login to continuous authorization—pairing SGNL’s real‑time identity signals with CrowdStrike’s telemetry to fix identity hygiene and curb misuse by service accounts, machine IDs and AI agents. It’s a decisive bet that identity, not just authentication, is the new frontline of cyber defense.

Analyst 207
CrowdStrike Must-Have Deal Secures Identity Effortlessly

CrowdStrike Must-Have Deal Secures Identity Effortlessly

CrowdStrike’s $740M SGNL move is a must-have play in identity security—shifting the fight from “who are you?” to “what are you allowed to do?” as runaway machine identities like API keys and AI agents open easy paths for attackers. The goal: give enterprises the visibility and governance to find and lock down forgotten or over‑privileged non‑human accounts before they cause breaches.

Analyst 207
Enterprise Credentials: Stunning Threats, Critical Fixes

Enterprise Credentials: Stunning Threats, Critical Fixes

One believable I thought it was from IT can hand attackers the keys to your company — enterprise credentials are now the battleground, from hard‑coded device logins to leaked cloud secrets. Rotation, least‑privilege access, and moving secrets out of code with vaults and managed identities aren’t optional anymore; they’re your frontline defenses.

Analyst 207
IGA tool: Must-Have Free Boost for Identity Security

IGA tool: Must-Have Free Boost for Identity Security

Think of an IGA tool as a free, high-impact lever that turns messy access lists into a clear map of who can do what—so a careless click doesn’t become a crisis. For small and midsize teams it delivers fewer misconfigurations, faster incident response, and compliance-ready controls without the enterprise price tag.

Analyst 207
phishing-as-a-service: Stunning Risky Threat

phishing-as-a-service: Stunning Risky Threat

Think a thief who never touches the lock — VoidProxy is a phishing-as-a-service that intercepts live logins, relays MFA and session tokens in real time, and lets attackers quietly hijack Microsoft and Google accounts. Learn why layered defenses, hardware-backed keys, and session risk detection are now essential to stop these fast, stealthy takeovers.

Analyst 207
Active Directory: Risky Stunning Defaults Endanger Hospitals

Active Directory: Risky Stunning Defaults Endanger Hospitals

When attackers used Kerberoasting to cripple Ascension, Senator Wyden warned Microsoft’s defaults may be putting patients at risk — sparking an FTC probe and a wider debate over vendor responsibility versus hospital readiness. It’s a wake-up call: better identity hygiene and safer out‑of‑the‑box settings could be the difference between uninterrupted care and real harm.

Analyst 207