A Review of the Best News of the Week on Identity Management & Web Fraud
Bkav’s new mask beats Face ID in “twin way” (Bkav Corporation, Nov 28 2017)
Bkav’s security experts have successfully crafted a new mask, which beats Face ID in the way that twins unlock iPhone X. With this new research, Bkav raises the severity level to all users, instead of just some special individuals in Bkav’s previous recommendations.
AWS re:Invent Day 1 Recap (Auth0 Blog, Nov 28 2017)
The annual Amazon Web Services (AWS) re:Invent conference kicks off this week. Here’s a TL;DR of all the big announcements as well as Auth0’s observations and things they learned.
Protecting Against S3 Cloud Storage Leaks With a New Approach: BeyondCorp (The Duo Blog, Nov 30 2017)
Enrolling your users and endpoints (devices like laptops, smartphones, PCs, etc.) into inventories; identifying endpoints as trusted using digital certificates and creating access policies based on the authenticated combination of user and endpoint are all steps to take in establishing a new framework for enterprise security, known as BeyondCorp.
Sponsored by LogRhythm
SIEM Magic Quadrant
Gartner Positions LogRhythm in SIEM Leaders Quadrant for 5th Consecutive Year. Get the report
Cloud storage for password managers – are you for or against? (Naked Security – Sophos, Nov 24 2017)
Is the cloud the right place to keep your passwords?
Shifting Fraud Tactics and Synthetic Identity Fraud: A Shining Example of the Biggest Threat in Fraud Prevention (IDology, Nov 29 2017)
According to IDology’s 5th Annual Fraud Report, shifting fraud tactics are the biggest industry challenge to fraud prevention. As legacy identity verification systems mature to spot and prevent mainstream fraud schemes, nimble and savvy criminals rapidly shift their approaches, change domains, and attack anew.
Enterprises must address Internet of Identities challenges (CSO Online Application Security, Nov 22 2017)
No one owns identity at many organizations and identity skills are lacking. In lieu of a solution, these issues could lead to IoT roadblocks and security vulnerabilities.
Managing devops with dynamic authorization (CSO Online, Nov 30 2017)
Security technologies, like Dynamic Authorization, are an integral part of the devops methodology and should be managed in the same manner as the application itself.
Infographic: 10 Reasons to Get Identity Verification Right (Jumio, Nov 28 2017)
If you’re shopping for an identity verification solution, comparing solutions is tough. Most of the vendors are making the same claims, using the same vocabulary, and hoping you can tell the difference.