Get In Touch
Recently by Or Katz
In my previous blog, I discussed the important role multi-factor authentication (MFA) plays in further securing access to enterprise and consumer services. We also established the fact that although MFA increases authentication security and decreases the risk of account takeover, MFA can, and is, being bypassed in the wild.
The use of authentication factors, one of the most fundamental and well understood concepts in information security, enables secure access to applications, services, and networks. It can affect an enterprise's security posture, however, as the drastic increase in data breaches and system attacks are largely based on compromised authentication.
Reflecting on the past year led me to put together this post about how I believe this incredibly challenging year has had an irreversible effect on the way the workforce will collaborate, innovate, and do business in the future. The COVID-19 pandemic emerged at the beginning of 2020 and led to new guidelines that affected the workforce around the globe. Countries around the world introduced policies to help contain infection
Our three-part blog series, Re-thinking Defensive Strategy at the Edge, has been focusing on outlining a new defensive edge strategy for today's enterprise. We began with a discussion of data and indicators. Most recently, our second post focused on using risk signals and correlating them for improved security controls. This last post in the series will transition the discussion from data and correlation into how to use these to enable
In the first post in our blog series Rethinking Defensive Strategy at the Edge, we began to outline why a new defensive edge strategy is needed for today's enterprise. As previously mentioned, the strategy enhances those in place and introduces another layer of defense that includes the following three components: data and indicators, risk-based signals and entities, and protective actions. This post explores user entities as well as risk-based signals
In recent years, new enterprise remote access architectures and frameworks have been introduced, such as Zero Trust Access (ZTA). Those concepts have driven changes in the way the network perimeter has been defined -- specifically, from the outside in, not the inside out. Access to applications and services usually start from users and devices outside of traditional on-premises network perimeters.
The emergence of the COVID-19 outbreak dramatically changed and disrupted the normal routines of our personal and professional lives. It led us to stay inside and work from home. It altered our browsing habits from our corporate devices, and it led to increased levels of security risk exposure.
The days from Christmas Eve to New Year's Day are filled with celebrations. Many companies shut down and encourage their employees to take vacations. However, a sample of data comparing an average work week around the holiday, shows the idea of "downtime" isn't exactly accurate. In fact, many users are accessing corporate applications even on holidays such as Christmas and New Year's Day, particularly in the United States.
Phishing is an extremely common attack vector that has been used for many years, and the potential impact and risks involved are well known to most Internet users. Despite this, phishing is still a highly relevant attack method being used in the wild, affecting many people. The question is, how can a security threat continue to have a significant impact, even though many Internet users know about the risks and