These three IAM security misconfiguration scenarios are rather common. Discover how they can be exploited, but also, how easy it is to detect and correct them. Identity and access management (IAM) misconfigurations are one of the most common concerns in cloud security. Over the last few years, we have seen how these security holes put organizations at increased risk of experiencing serious attacks on their Cloud accounts.

To pull off a data breach, today’s cybercriminals have some formidable tools at their disposal. They can use software to guess simple passwords. They may infect a system with ransomware, only returning stolen information when they’re received payment. They might choose to deploy a social engineering attack and gain access to a network through human error.

Few computing concepts are as ubiquitous as identity and access management. There isn’t a single day that goes by without us being asked for credentials, passwords or pin codes. Yet very few know the origins and the evolution of the technologies behind them. This is the first of two blog posts where we will look at the history of open-source identity management. We will cover the main open-source protocols and standards that shaped it, from its origins to the modern days.

From the basic to advanced concepts of AWS own service for identity and access management: users, groups, permissions for resources and much more. For seriously working with AWS, there’s no way around its Identity and Access Management (IAM) service. Skipping to understand its core principles will bite you again and again in the future️. Take the time to do a deep dive, so you won’t be frustrated later.

The identification of every user making a request to a given system is vital to ensuring that action is only taken by, and information only returned to, those who need it. This happens in two steps: first, the requester is identified (authenticated), and then that identity is used to determine which parts of the application they are allowed to access.

Last year’s IDC’s Cloud Security Survey found that nearly 80 percent of companies polled have suffered at least one cloud data breach in the past 18 months.

This blogpost is a followup to the blogpost Icinga Web permissions and restrictions (how do they work, examples). These two additions provide flexibility to manage web access control..

Five worthy reads is a regular column on five noteworthy items we’ve discovered while researching trending and timeless topics. This week let’s go back to security basics with password hygiene—the simplest, and yet often overlooked step in account security. Passwords have been the bane of many internet users since the inception of the world wide web.