Identity Management | Breaking Cybersecurity News | The Hacker News

Identity-based attacks are the #1 cause of breaches, often exploiting weaknesses in traditional identity platforms. It's time for a proactive approach that addresses these gaps and stops threats before they strike. Identity has become the primary attack surface in cybersecurity. According to Forbes, 75% of cyberattacks leverage identity-based threats. Threat actors gain access using stolen credentials, compromised devices, and deepfake impersonation techniques, often bypassing traditional defenses without detection. Many identity platforms rely on MFA, such as push notifications and one-time passcodes (OTPs), which were once considered secure but are now frequently exploited through phishing, MFA fatigue, and man-in-the-middle attacks. The rise of generative AI has made these threats more effective and more prevalent.  To compensate, organizations have deployed tools like Endpoint Detection and Response (EDR), Network Detection and Response (NDR), and Identity Threat Detection ...

The cybersecurity community has been buzzing about JPMorgan Chase CISO Pat Opet's open letter to third-party suppliers since its release right before RSA. This candid assessment from the security leader of one of the world's largest financial institutions has struck a chord, particularly his observations about SaaS security. Opet didn't mince words: " SaaS models are fundamentally reshaping how companies integrate services and data—a subtle yet profound shift eroding decades of carefully architected security boundaries ." This statement encapsulates a reality that security professionals have been grappling with—the traditional security perimeter has dissolved, replaced by a complex web of interconnected SaaS applications, each with their own configurations, access controls, and data sharing capabilities. Let's break down the key issues highlighted in Opet's letter and explore practical solutions. The New SaaS Security Challenges OAuth Vulnerabiliti...

I have been a Star Wars fan since the moment I took my seat in the theatre and saw Princess Leia's rebel ship trying to outrun an Imperial Star Destroyer. It's impossible to see that movie (or its greatest successor, Andor ) and not take the side of the underdog rebels, who are determined to escape the iron fist of imperial control. Of course, in my work as a security professional, "control" is the name of the game. I've spent as much of my career trying to stop my own end-users from going outside the lines as I have trying to guard against malicious outsiders. I personally still think I'm the good guy, since my ultimate goal is to protect sensitive data, but I understand why IT and security teams are often seen as the bad guys. After all, we do operate according to something called the "rule of no." It's not great branding, and increasingly, it just isn't working. Here's the situation in 2025: we have a galaxy's worth of diverse applications, devices, and user identities accessing...

SaaS applications are the backbone of modern organizations, powering productivity and collaboration. However, they also introduce critical security risks—identity sprawl, misconfigurations, and an expanding attack surface. Identity providers have become a prime target for threat actors, prompting security teams to focus on protecting identities across multiple SaaS environments. To mitigate these risks, many organizations adopt SaaS Security Posture Management (SSPM) to harden configurations, enforce least-privilege access, and maintain visibility over human and non-human identities. SSPM is an essential preventive tool that improves cyber hygiene by reducing the attack surface. Yet prevention alone is not enough in today's evolving threat landscape. Identity Threat Detection and Response (ITDR) is crucial to bridge this gap and enable organizations to detect and respond fast to active threats targeting their identity infrastructure. The Growing Threat to SaaS Identities The rise i...

Across industries, businesses are focused on achieving key objectives such as: Driving sustainable revenue growth Reducing costs and improving efficiency Strengthening security and ensuring compliance Customer Identity and Access Management (CIAM) is central to these goals. A robust CIAM solution doesn't just enable seamless user authentication and access—it unifies identity across an organization's digital ecosystem. This ensures that customers can engage consistently across all channels while enabling sales, marketing, and support teams to leverage a single, authoritative view of each user. Moreover, outsourcing Customer Identity to an extensible CIAM platform enhances agility, freeing developers to focus on core applications. This results in faster development cycles, improved user experiences, and quicker time-to-market. From a security perspective, CIAM is critical for protecting user data, preventing identity-based threats, and meeting regulatory requirements. However, t...

In every industry, Active Directory (AD) and Entra ID are the de facto standard identity directories . While cloud environments are becoming more prevalent, many industries' governing bodies require sensitive and private data and the applications utilized by them to remain on the premises. The hybrid combination of AD and Entra ID creates a complex web of identities in domains and forests that are often managed from separate consoles, creating a costly and risky administrative challenge. The complexity of hybrid environments often results in vulnerabilities that can put businesses at risk. These vulnerabilities take the form of privilege sprawl as a result of mergers, acquisitions, mobility within a company, and the resulting creation or addition of new identity accounts. Each individual identity account requires specific rights to access corporate resources. How those rights are allocated and protected is critical to an organization's security and productivity. Any gaps create s...

Coined in 2010 by Forrester Research , the term "zero trust" has long been hijacked by security vendors eager to take advantage of the hype that surrounds the concept. Today, it's so overused and misused that many see it as a meaningless buzzword—but that's far from the truth. In fact, its widespread misappropriation demonstrates the power of zero trust security. Why else would countless vendors try to capitalize on it? As they say, imitation is the sincerest form of flattery. Zero trust is not a mere label. Rather, zero trust is an architecture—though you'll also hear of a zero trust methodology, framework, paradigm, and infrastructure—and it's based on the idea of zero implicit trust, meaning no one should be trusted by default. The key zero trust principle of least-privileged access says a user should be given access only to a specific IT resource the user is authorized to access, at the moment that user needs it, and nothing more. Hence the zero trust maxim,...

Non-Human Identities (NHIs) are an emerging focus for Security Operations Centers (SOCs) in the age of automation and autonomous tooling. With many of the most recent cyber-attacks focused on compromising NHIs such as secrets, machine identities, and OAuth tokens, securing NHIs has become a forefront concern when protecting confidential information and other digital assets. The Problem Findings from recent research from Entro Labs indicate NHIs outnumber human identities in modern enterprises by over 92:1, requiring more extensive visibility and investigation throughout the enterprise to secure than ever before. The rapid proliferation of Non-Human Identities throughout modern enterprises has standardized security exposure as a de-facto practice of most organizations - While Identity Access Management (IAM) tools and Identity Governance and Administration (IGA) processes safeguard human identities and manage their lifecycles (onboarding, offboarding, role changes, etc…), NHI mana...

Privileged Identity Management (PIM): PIM is described as a service within Microsoft Entra ID, designed to manage, control, and monitor access to crucial organizational resources, encompassing Microsoft Entra ID, Azure, and other Microsoft Online Services like Microsoft 365 and Microsoft Intune. In the cybersecurity landscape, Privileged Identity Management (PIM) emerges as a pivotal element, but its effectiveness in managing privileged access is subject to scrutiny. Integral to the broader identity and access management (IAM) framework, PIM's role in upholding the least privilege and just-in-time access principles is increasingly questioned amidst evolving digital threats. While theoretically vital for risk mitigation and regulatory compliance, the practical application of PIM, especially in complex cloud and IT environments, often reveals limitations in its ability to adapt to sophisticated cyber threats. This dichotomy between PIM's intended role and its real-world effica...