Inside CISA’s Phishing-Resistant MFA Playbook
As part of a broader federal effort, CISA released a playbook that gives agencies a clear roadmap for rolling out phishing-resistant MFA. Here’s what private sector enterprises can learn from it.
Stopping Scattered Spider-Like Attacks at the Identity Layer: How Airlines Can Thwart Identity-Based Attacks
Scattered Spider does not begin with malware. It begins with a phone call. Their pattern is clear: find a support channel under deadline pressure, sound helpful, and request a credential reset that hands the keys to the attacker.
How enterprises can secure MFA enrollment with identity verification and risk reduction workflows in 2025
Even as enterprises have broadly adopted MFA for their workforces, attackers are finding ways around it. Protecting against threats to secure MFA enrollment, requires stronger identity verification and adaptive risk-based workflows.
Supply-Chain Hacks, SaaS Breaches — and How to Vet Vendors in 2025
The challenge going forward is no longer whether a supplier might be your weakest link: it’s how to manage that risk proactively. This article explores why supply-chain attacks are surging, and what’s at stake for enterprises.
Managing Joiner-Mover-Leaver Risk in 2025 with Automated Onboarding and Offboarding
Joiners need instant, precise access; movers collect too many privileges over time; leavers leave ghost accounts. Without automated provisioning and deprovisioning, and identity risk management, every stage elevates risk.
NIST SP 800-63-4 Is Coming — Are Your Assurance Levels Ready?
Learn what’s changing in NIST identity guidelines and how ID Dataweb helps meet new Identity Assurance Level, Authenticator Assurance Level and Federation Assurance Level standards
Automating Workforce Identity Management with an Orchestration Platform
If you’re an IT administrator, you know the pain of traditional workforce identity management. Provisioning accounts, verifying identities, handling contractors, disabling access for departures. Identity orchestration simplifies IAM.
The Machine Identity Problem in Counterfraud Operations
In fraud prevention, robust machine identity is as critical as user identity – if you can’t trust what device is on the other end, you can’t fully trust the user.
5 Key Fraud Signals to Incorporate in Your Counter-Fraud Strategy
Enterprises in finance, healthcare, insurance, and aviation are all seeing fraudsters exploit passwords and static KBA questions. Instead of a one-size-fits-all login process, an orchestrated approach evaluates diverse risk signals (device, network, user behavior, identity data, etc.) in real time, then dynamically escalates or relaxes verification based on risk.
IT Procurement for Identity Security and Counterfraud Solutions
Procuring the right identity and fraud prevention technologies is the difference between business as usual and a costly breach. Today’s enterprises must invest in identity security and counterfraud solutions to protect both their users and their data.
