Silverfort Labs Research
Device code attacks in Azure: From exploitation to detection
How attackers weaponize Microsoft's OAuth device code flow to steal tokens, bypass MFA, and maintain persistent access.
Agent ID Administrator scope overreach: Service Principal takeover in Entra ID
TL;DR The Microsoft Agent Identity Platform (Preview) gives AI agents their own identities in Entra ID (blueprints, agent identities, agent users) so you can govern and secure them like any other principal. To manage that ...
Using MITM to bypass FIDO2 phishing-resistant protection
FIDO2 is a modern authentication group term for passwordless authentication. The Fast Identity Online (FIDO) Alliance developed it to replace the use of legacy known passwords and provide a secure method to authenticate ...
The Identity Underground Report: Deep insight into the most critical identity security gaps
We’re proud to unveil the first report based on Silverfort’s proprietary data: The Identity Underground Report. This data, gathered and analyzed from hundreds of production environments, discloses the key security gaps – ...
Finding the Sweet Spot: How Donut Extortion Group Targets Achilles’ Heel in Cybersecurity
Every organization faces an ongoing battle against cybersecurity threats. Attackers are constantly looking for vulnerabilities to exploit, seeking out the Achilles’ heel that can give them access to your systems and data.  ...
Open Sourcing Our Lateral Movement Detection Tool: LATMA
Collect authentication traffic from Active Directory, create a detailed report (and GIF) that outlines lateral movement patterns. Lateral movement detection is a challenge every cybersecurity researcher is likely familiar with. My team ...
Resolving Shadow Admins: Achieving Maximum Impact with Minimal Effort
Shadow Admins are non-administrative users that hold sensitive privileges which effectively grant them admin-level rights. Such privileges can include direct access to resources or the ability to modify other users’ settings (for ...
Building an Alert System Using Snowflake
During my time here at Silverfort, I was tasked with building an alert system to send messages from our Snowflake database directly to a Slack channel. Easy enough, I thought to myself ...
Introducing the LATMA Algorithm for Better Lateral Movement Detection
Lateral movement detection is a challenge every cybersecurity researcher is likely familiar with. My team and I faced this challenge a few months ago and, not surprisingly, quickly discovered there is no ...

