Securing Social / Locking Login / Armoring Authentication

Securing Social / Locking Login / Armoring Authentication

Authentication might be the single biggest hazard for web security over the next decade. It's not that the fundamentals of authentication are particularly challenging; we've understood the basic principles behind password management, push-based authorization, and device certificates for some time ... Read More
US_Army_crossing_the_Rhine_on_heavy_ponton_bridge_at_Worms,_March,_1945

Composing Defences: The Case for Building Defence in Height

| | CSO Insights
Often, in the information security community, we bandy about terms like “defence in depth” or “layered defences.” Most of the time, it’s just a platitude for “buy more stuff.” It’s worth exploring the way these terms evolved, and how we should think about defensive architectures in the world defined not ... Read More