<img src="https://ws.zoominfo.com/pixel/6169bf9791429100154fc0a2" width="1" height="1" style="display: none;">

We're blowing the whistle on Legacy PAM 🏀 Join us for an Access Madness Webinar on March 28

Search
Close icon
Search bar icon
blog /
Privileged Access in the Age of Cloud Authentication & Ephemeral Credentials

Privileged Access in the Age of Cloud Authentication & Ephemeral Credentials

The way that people work continues to evolve, and as a result, so do the ways that they must authenticate into their organization’s resources and systems. Where once you simply had to be hardwired into the local office network, now you must expand your perimeter to include remote and hybrid workforces, on-prem and cloud environments, and take into account a growing list of factors that impact how and where people access critical company resources.
How to Prevent Credential Stuffing [9 Best Practices]

How to Prevent Credential Stuffing [9 Best Practices]

In this article, we’ll explore the risks of credential stuffing attacks, common techniques used by attackers, signs that your accounts may be compromised, and credential stuffing prevention techniques you can use to reduce your risk.
AWS Authentication Best Practices (That Go Beyond MFA)

AWS Authentication Best Practices (That Go Beyond MFA)

AWS authentication confirms the identity of users trying to access your resources, safeguarding against potential intrusions and data breaches. But weak authentication practices—like easy-to-guess passwords and single-factor authentication (SFA)—are far too common and they leave the door wide open for threat actors. Weak authentication often leads to data theft, resource misuse, financial and reputational nightmares…the list goes on. On the contrary, strong authentication measures like
Connect to Even More Resources with StrongDM’s AWS Management Console

Connect to Even More Resources with StrongDM’s AWS Management Console

We’ve just launched our AWS Management Console, adding yet another supported authentication method to improve control and auditability–so you can protect your business and improve employee productivity.
Token-based Authentication: Everything You Need to Know

Token-based Authentication: Everything You Need to Know

Secured authentication to databases and applications is crucial to enterprise cybersecurity management. Unfortunately, 82% of all breaches involve human error, including misused or compromised credentials that give threat actors unauthorized access to network resources. Luckily, there’s a solution that ensures security without the risks that come with traditional, credential-based authentication. This article discusses token-based authentication and explains why it's a reliable and flexible
LDAP vs. Active Directory: Everything You Need to Know

LDAP vs. Active Directory: Everything You Need to Know

Struggling to understand the difference between Active Directory and LDAP? Don't worry, we’ll make it simple. These are just two among many methods that can provide secure user authentication and authorization. The information in this article will help you decide if LDAP or Active Directory is right for your organization. Robust security and a seamless user experience are attainable, and you can have both!
SAML vs. OAuth: Everything You Need to Know

SAML vs. OAuth: Everything You Need to Know

In this article, we will provide a high-level overview of the Security Assertion Markup Language (SAML) and Open Authorization (OAuth) information access frameworks. You’ll learn about the key similarities and differences between SAML and OAuth, the unique benefits of each framework, and specific use cases for each. By the end of this article, you’ll have a clear understanding of SAML and OAuth to help you determine which is right for your organization.
Credential Stuffing: How to Detect and Prevent It

Credential Stuffing: How to Detect and Prevent It

In this article, we’ll define credential stuffing and explain the risks that credential stuffing attacks pose to organizations and customers. We’ll cover recent examples of credential stuffing attacks and discuss how to detect and prevent them. By the end of the article, you should understand the full scope of credential stuffing, including how to protect your customers’ and employees’ account credentials with the right tools.
What is a Brute Force Attack? Types, Examples & Prevention

What is a Brute Force Attack? Types, Examples & Prevention

In this article, we’ll take a comprehensive look at brute force attacks: what they are, how they work, and the different shapes they can take. You'll learn about popular tools utilized by hackers and examples of brute force attacks in action. By the end of this article, you'll be able to understand critical prevention measures for brute force attacks.
The Difference Between SAML vs. OIDC

The Difference Between SAML vs. OIDC

The main difference between SAML and OIDC is that SAML builds the trust relationship between the service provider (SP) and the IdP, whereas OIDC trusts the channel (HTTPS) that is used to obtain the security token.
SAML vs. LDAP: Everything You Need to Know

SAML vs. LDAP: Everything You Need to Know

The difference between SAML and LDAP is that SAML is designed for cloud-based connections using only an IdP and SP to communicate user data. LDAP, however, is typically used for accessing on-premises resources by installing a client on the user's device to connect with a directory service.
11 Common Authentication Vulnerabilities You Need to Know

11 Common Authentication Vulnerabilities You Need to Know

In this article, we’ll take a look at what authentication vulnerabilities are, how they emerge, and how these issues can affect your organization. Also, you’ll learn about the most common authentication-based vulnerabilities and their implications. By the end of this article, you’ll know the best practices to prevent these authentication issues and keep sensitive data safe.
How to Avert Authentication Bypass Vulnerabilities for Self-hosted Web Infrastructure

How to Avert Authentication Bypass Vulnerabilities for Self-hosted Web Infrastructure

When it comes to self-hosting critical web infrastructure, modern security requires more than simply siloing an appliance to a local network. In this article, we will discuss new methods for authentication bypass vulnerabilities, simplify end-user experiences, and satisfy compliance requirements—without the need for legacy VPN solutions. Here’s how.
What is WebAuthn? Web Authentication Explained

What is WebAuthn? Web Authentication Explained

In this article, we will take a deep dive into WebAuthn and some of its associated authentication concepts. We’ll go over the history of WebAuthn and help you better understand the benefits and challenges of using this standard of secure authentication. By the end of this WebAuthn guide, you’ll be able to fully define the concept and grasp how to incorporate it into your organization's security program and web applications.
StrongDM app UI showing available infrastructure resources
Connect your first server or database, without any agents, in 5 minutes.