All Articles
45 articles found2026: The Year Agentic AI Becomes the Attack-Surface Poster Child
Analysis of how agentic AI is reshaping the cybersecurity attack surface in 2026 and what organizations need to do to prepare.
"Microsoft on Microsoft" Hack: Why Hierarchical Tenancy Wins Over Flat Multi-Tenancy
The Black Hat "Microsoft on Microsoft" hack exposed a fundamental flaw in flat identity models. Here is how SecureAuth's hierarchical architecture provides the logical walls that developers often forget to build.
How SecureAuth Solves the Identity Vendor Crisis: A Technical Deep Dive
A follow-up to our analysis of vendor risk, this white paper details how SecureAuth's Private Authority, Continuous Governed Authority, and Modular Delegation architecture directly address the systemic vulnerabilities in Mega IdPs.
The Hidden Attack Surface: Why Your Identity Vendor Is Your Biggest Security Risk
In 2024, the cybersecurity industry experienced a fundamental shift: vendors themselves became the attack vector. From Microsoft's Midnight Blizzard breach to Okta's repeated credential compromises, the message is clear.
ConsentFix: When 'Legitimate Microsoft Login' Is the Trap and How SecureAuth Prevents It
Push Security disclosed ConsentFix, a new browser-native social-engineering technique that blends ClickFix-style user prompts with OAuth authorization abuse—allowing attackers to take over accounts without stealing passwords or MFA codes.
Why Authorization is the Control Plane for Trust in AI
As AI systems become more autonomous, authorization becomes the critical control plane for establishing and maintaining trust. Learn how to govern AI decision-making with identity-first security.
How to Build a Secure AI Agent Using SecureAuth and MCP
A comprehensive guide on implementing identity-based access for AI agents using the Model Context Protocol (MCP). Learn to secure your autonomous AI workflows.
Architecting Secure AI Workflows with SecureAuth's Microperimeter™
Discover how Microperimeter technology creates fine-grained security boundaries around AI workflows, enabling secure automation without compromising control.
Empowering AI Agents Securely: The Role of MCP
Model Context Protocol (MCP) is revolutionizing how AI agents interact with enterprise systems. Learn how SecureAuth enables secure, governed AI agent deployments.
Securing the Rise of Agentic AI
Agentic AI is transforming enterprise operations, but with autonomy comes risk. Explore the security challenges and solutions for governing AI agents at scale.
How to Reduce MFA Friction While Keeping Your Enterprise Secure
Multi-factor authentication doesn't have to frustrate users. Learn strategies for implementing adaptive MFA that balances security with seamless user experience.
Seamless IAM Integration: How to Modernize Without the Pain of Legacy Systems
Legacy IAM systems don't have to hold you back. Discover proven strategies for modernizing identity infrastructure without disrupting operations.
How Technology Proliferation is Undermining Your IAM Strategy
The explosion of SaaS apps and cloud services has created IAM sprawl. Learn how to regain control of your identity landscape and reduce security gaps.
The Future of Authentication: Insights and Strategic Actions for CIOs
Authentication is evolving rapidly. Get executive insights on passwordless adoption, continuous authentication, and building a future-proof identity strategy.
Zero Trust in Token-Based Architectures
Token-based authentication is essential for modern applications, but tokens can be stolen. Learn how to apply Zero Trust principles to token security.
Guide: 10 Essential Tips to Prevent Account Takeovers
Account takeover attacks are on the rise. This comprehensive guide provides actionable tips for users and organizations to safeguard accounts against phishing and social engineering.
How CIAM Shields Your Customers from Account Takeover Attacks
Customer Identity and Access Management uses adaptive authentication and phishing-resistant MFA to protect user data. Learn how CIAM stops ATO attacks.
Why Phishing is Still a Top Threat and How CIAM Can Stop It
Despite decades of awareness, phishing remains devastatingly effective. Discover how modern CIAM solutions neutralize phishing attacks at scale.
Accelerate Your CIAM Vendor Implementation
CIAM implementations don't have to take months. Learn best practices for rapid deployment while maintaining security and user experience standards.
The Key to Scalable CIAM and Cost-Efficient Solutions
Scaling customer identity to millions of users while controlling costs is a key challenge. Explore strategies for building efficient, scalable CIAM architectures.
Elevate Your Bot Detection: Why Your WAF Needs Our Intelligent Risk Engine
Traditional WAFs can't stop sophisticated bots. Learn how SecureAuth's Intelligent Risk Engine adds behavioral analysis and continuous assessment to your bot defense.
Beyond Tech: A Customer-First Identity & Access Management Approach
IAM isn't just about technology—it's about people. Discover how a customer-first approach to identity improves security outcomes and user satisfaction.
Empowering Users Through Effective Consent Management in IAM
Privacy regulations demand robust consent management. Learn how to implement user-friendly consent flows that meet compliance requirements without friction.
Breaking the Mold: SecureAuth's Bold Vision for Identity and Access Management
The IAM industry is ripe for disruption. Explore SecureAuth's vision for continuous authority and how it's reshaping enterprise identity security.
Top Five Reasons to Replace RSA SecureID with SecureAuth
Still using RSA SecureID? Discover why organizations are migrating to SecureAuth for better security, user experience, and total cost of ownership.
Top 5 Reasons to Choose Adaptive SSO Authentication
Static SSO is no longer enough. Learn why adaptive single sign-on with risk-based policies delivers better security without sacrificing convenience.
Harmonizing Security and User Experience: A Modern Approach
Security and UX don't have to conflict. Explore modern approaches that deliver strong authentication with frictionless user experiences.
I Think My Credentials May Have Been Compromised. Now What?
A comprehensive guide for users and IT teams on immediate actions to take after a suspected credential breach. Protect your accounts and limit damage.
Enhancing VDI Security for Improved Usability
Virtual Desktop Infrastructure security often frustrates users. Learn how to implement strong VDI authentication that enhances rather than hinders productivity.
Tackling MFA Challenges with Passwordless Continuous Authentication
Traditional MFA has limitations. Discover how passwordless continuous authentication addresses MFA fatigue, phishing, and token theft simultaneously.
A New Chapter Unfolds: SecureAuth Announces Acquisition of Cloudentity
SecureAuth's acquisition of Cloudentity combines continuous authentication with fine-grained authorization, creating the industry's most complete identity platform.
Identity 101: Acronyms in Identity Management – A Comprehensive Guide
IDaaS, SSO, SAML, OAuth, FIDO2—identity management has a lot of acronyms. This updated glossary explains essential IAM terms in plain language.
Committing to Data Privacy: Why It Matters More Than Ever
Data privacy isn't just compliance—it's trust. Learn why privacy-first identity practices are essential for building customer confidence and avoiding breaches.
Why Do I Have to Change My Password Every 30/60/90 Days?
Password rotation policies are controversial. Explore the history, the debate, and modern alternatives that provide better security with less friction.
Protecting Credentials in SAP HANA: The Client Secure User Store
SAP HANA credential management requires special attention. Learn best practices for securing credentials with the Client Secure User Store.
A New Chapter in SecureAuth's Commitment to Open Security Research
SecureAuth is proud to host and maintain Impacket, the essential Python library for network protocol security research. Learn about our commitment to open source.
The Arms Race of Browser and Device Fingerprinting
Fingerprinting is a powerful fraud detection tool, but privacy browsers fight back. Understand the cat-and-mouse game and its implications for identity security.
SecureAuth CIAM: Latest Enhancements for Smoother Identity Experiences
SecureAuth CIAM continues to evolve with new features that make consumer identity authentication and authorization experiences smoother and smarter.
SecureAuth at the Gartner Identity and Access Management Summit 2024
Highlights from SecureAuth's presence at the Gartner IAM Summit, including key takeaways on continuous authentication and the future of identity security.
Identity 101 for AI Agents
AI agents are the new workforce—but they need identities too. This primer covers OAuth 2.1 fundamentals, Client Credentials vs. Authorization Code flows, and how to treat agents as auditable digital employees.
Wiring MCP to Your IdP
Don't build a mini-IdP inside your MCP server. This guide shows how to wire MCP to your existing Identity Provider so the IdP remains the single source of truth for identity and access.
Inside the Firewall: Securing Internal Tools
Even behind the firewall, AI agents need proper identity controls. Explore four advanced OAuth 2.1 patterns—Token Exchange, RAR, PAR, and CIBA—that enable secure, automated access to internal tools.
Inviting SaaS AI—Without Inviting Trouble
When AI agents cross the enterprise–SaaS boundary, trust becomes the critical challenge. Learn how OAuth 2.1, Trust Registries, and Dynamic Client Registration keep external AI integrations secure.
Automated Trust: OpenID Federation & CDR-Style Accreditation
Manual trust setup doesn't scale for agentic AI. OpenID Federation 1.0 enables parties with no prior relationship to dynamically establish trust through digital signatures, trust chains, and accreditation registries.
We Love Relaying Credentials: A Technical Guide to Relaying Credentials Everywhere
A comprehensive walkthrough of NTLM credential relay attacks — from cross-protocol relaying and multi-relay to attacking Active Directory Certificate Services and Shadow Credentials — using Impacket's ntlmrelayx.py.