Filters

Filter By155 Results FoundClear Filters
Type
Topic

Showing results 1 - 20 of 155 for "authentication"

Why Are Authentication and Authorization So Difficult?
BLOG POST - https://www.cisecurity.org/insights/blog/why-are-authentication-and-authorization-so-diffic...

Why Are Authentication and Authorization So Difficult?

By: Kathleen M. Moriarty, CIS Chief Technology Officer Let’s say you’re tasked with selecting a strong authentication solution for your organization. ...

Election Security Spotlight – Multi-Factor Authentication
SPOTLIGHT - https://www.cisecurity.org/insights/spotlight/ei-isac-cybersecurity-spotlight-multi-factor-...

Election Security Spotlight – Multi-Factor Authentication

In this Election Security Spotlight, the Elections Infrastructure Information Sharing and Analysis Center (EI-ISAC) discusses multi-factor authenticat...

Tracing the Evolving Levels of Support for WebAuthn thumbnail
BLOG POST - https://www.cisecurity.org/insights/blog/tracing-the-evolving-levels-of-support-for-webauth...

Tracing the Evolving Levels of Support for WebAuthn

There are a large number of products that support WebAuthn and other standards in the FIDO Framework. Let's examine some of these now....

Authentication and Authorization Using Single Sign-On
BLOG POST - https://www.cisecurity.org/insights/blog/authentication-and-authorization-using-single-sign...

Authentication and Authorization Using Single Sign-On

By: Kathleen M. Moriarty, CIS Chief Technology Officer In order to prevent credential theft from phishing attacks, there is a push for multi-factor au...

How DMARC Advances Email Security
BLOG POST - https://www.cisecurity.org/insights/blog/how-dmarc-advances-email-security

How DMARC Advances Email Security

While some identity management protocols such as multi-factor authentication have made modern advancements, others – like email authentication – have ...

CIS
ADVISORY - https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-progress-moveit-products-co...

2024-075: Multiple Vulnerabilities in Progress MOVEit Products Could Allow for Authentication Bypass

Multiple vulnerabilities have been discovered in MOVEit products, which could allow for authentication bypass. MOVEit Gateway acts as...

CIS
ADVISORY - https://www.cisecurity.org/advisory/a-vulnerability-in-github-enterprise-server-ghes-could-...

2024-060: A Vulnerability in GitHub Enterprise Server (GHES) Could Allow for Authentication Bypass

A vulnerability has been discovered in GitHub Enterprise Server (GHES), which could allow for authentication bypass. GHES is a popular platform for...

CIS
ADVISORY - https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-palo-alto-pan-os-could-allo...

2024-130: Multiple Vulnerabilities in Palo Alto PAN-OS Could Allow for Authentication Bypass

Multiple vulnerabilities have been discovered in Palo Alto <span style="color...

100% of Georgia Counties Join Cybersecurity Protection Group
MEDIA MENTION - https://www.cisecurity.org/about-us/media/media-mention/what-is-a-one-time-password-us-news...

What is a One-Time Password? | US News – U.S News and World Report Money

One-time passwords can help prevent ID theft, reduce the need for IT support, and help resist cyberattacks called replay attacks....

CIS Password Policy Guide: Passphrases, Monitoring, and More
BLOG POST - https://www.cisecurity.org/insights/blog/cis-password-policy-guide-passphrases-monitoring-a...

CIS Password Policy Guide: Passphrases, Monitoring, and More

Love them or hate them, but passwords have undeniably been a time-tested and imperfect method for user authentication that can protect organizations f...

msisac-owner
PAGE - https://www.cisecurity.org/ms-isac/dhs-issues-binding-operational-directive-on-enhancing-em...

DHS Issues Binding Operational Directive on Enhancing Email and Web Security

Date Issued: October 17, 2017 The U.S. Department of Homeland Security (DHS) released Binding Operational Directive (BOD) 18-01 directing federal agen...

eiisac-owner
SPOTLIGHT - https://www.cisecurity.org/insights/spotlight/cybersecurity-spotlight-passwords

Election Security Spotlight – Passwords

What it is Passwords are a critical yet basic authentication mechanism in information security that consists of a combination of alphabetic, numeric, ...

CIS
BLOG POST - https://www.cisecurity.org/insights/blog/why-oauth-is-so-important-an-interview-with-justin...

Why OAuth is so Important: An Interview with Justin Richer

This is the third article in this series by Kathleen Moriarty, CIS Chief Technology Officer. In this article, Moriarty interviews Justin Richer, an in...

An Overview of Email Security article
SPOTLIGHT - https://www.cisecurity.org/insights/spotlight/election-security-spotlight-what-is-email-sec...

Election Security Spotlight – What Is Email Security?

In this Election Security Spotlight, the Elections Infrastructure Information Sharing an Analysis Center (EI-ISAC) provides an overview of email secur...

The LLM Misinformation Problem I Was Not Expecting blog article
BLOG POST - https://www.cisecurity.org/insights/blog/the-llm-misinformation-problem-i-was-not-expecting

The LLM Misinformation Problem I Was Not Expecting

Kathleen Moriarty discusses an unexpected LLM misinformation problem: students incorporating non-vetted AI results into their assignments....

11 Cyber Defense Tips to Stay Secure at Work and Home
BLOG POST - https://www.cisecurity.org/insights/blog/11-cyber-defense-tips-to-stay-secure-at-work-and-h...

11 Cyber Defense Tips to Stay Secure at Work and Home

To uphold your personal responsibility for cybersecurity, here are 11 steps that you can use to strengthen your cyber defense at home and at work....

Blog Featuring 8 Security Essentials for Managing Your Online Presence
BLOG POST - https://www.cisecurity.org/insights/blog/8-security-essentials-for-managing-your-online-pre...

8 Security Essentials for Managing Your Online Presence

Election officials need to manage their online presence to stay safe from cyber threat actors. Here are eight security essentials to help you get star...

Mimikatz: The Finest in Post-Exploitation
BLOG POST - https://www.cisecurity.org/insights/blog/mimikatz-the-finest-in-post-exploitation

Mimikatz: The Finest in Post-Exploitation

Part 2 in a series on Malware Overview The MS-ISAC continuously observes attacks using the post-exploitation credential stealing tool Mimikatz. Many c...

How to Secure Your Online Identity with Security Keys blog article
BLOG POST - https://www.cisecurity.org/insights/blog/how-to-secure-your-online-identity-with-security-k...

How to Secure Your Online Identity with Security Keys

An intern with our CTO office embarked on a short project to protect her accounts with security keys. Here's what her experience was like....

Where Does Zero Trust Begin and Why is it Important?
BLOG POST - https://www.cisecurity.org/insights/blog/where-does-zero-trust-begin-and-why-is-it-importan...

Where Does Zero Trust Begin and Why is it Important?

By: Kathleen M. Moriarty, CIS Chief Technology Officer Zero trust is an important information security architectural shift. It brings us away from the...