The NIS2 Directive of the European Union aims to increase level of cybersecurity in crucial sectors of industry and government. The directive introduces cybersecurity requirements that are expected to be applied consistently across the EU. The directive touches on many areas of cybersecurity, including identity governance and administration. Directive (EU) 2022/2555 of the European Parliament Read more about NIS2 Directive and Identity Governance[…]
The European Union is quite busy producing cybersecurity regulations. Several cybersecurity-related acts have passed during the last few years, and even more are on the way. The EU looks like it really means to improve cybersecurity. However, an avalanche of new legislation can be quite confusing. Let’s take a closer look at the EU cybersecurity initiative. […]
ISO 27001 is an international standard for information security. It is guidelines for cybersecurity best practices used all over the world. Identity governance and administration (IGA) plays a major part. It is quite natural that midPoint, being a leading open source IGA platform, can be an essential tool for ISO 27001 compliance. […]
NIS2 is an upcoming directive of the European Union on the security of networks and information systems. It is a part of a broader European initiative to significantly improve cybersecurity across a wide variety of organizations and industries. NIS2 is coming into force this autumn, affecting thousands of organizations in each EU member country. We had a closer look at the NIS2 directive in a special webinar and explained how midPoint can help with compliance. […]
We have recently published source code of midPoint book on GitHub: https://github.com/Evolveum/midpoint-book Please note that, unlike midPoint, the book is not open source. The finished book is published under the terms of Creative Commons Attribution-NonCommercial-NoDerivatives 4.0 International License (CC BY-NC-ND). However, this license does not apply to book’s source code. No explicit license is granted Read more about MidPoint Book Source Code Is Published on GitHub[…]
We are currently working on improvements to midPoint user experience, and we are planning even more of them in the future. However, to make good user experience improvements, we need to know how midPoint is used. MidPoint is a comprehensive open source platform, it can be used in a myriad of different ways and configurations. Read more about MidPoint Basic Use Survey[…]
The midPoint book Practical Identity Management with MidPoint was just updated. It has been updated to match with the midPoint 4.4 LTS release. There is also a comprehensive glossary of IAM terms. All the text, examples and pictures in the book were reviewed and updated to match midPoint 4.4. There have been significant improvements in Read more about MidPoint Book 2.2[…]
We interrupt your usual programming (again) to bring you this breaking news (again) about a dangerous and far-reaching vulnerability. This time it is CVE-2022-22965, a.k.a. “Spring4Shell”, a zero-day remote code execution vulnerability in Spring framework. Similarly to Log4Shell, midPoint is not vulnerable to Spring4Shell attack. However, there are some actions that you may need or want to take. […]
We interrupt your usual programming to bring you this breaking news about CVE-2021-44228, a.k.a “Log4Shell” vulnerability.
However, there is not much to talk about. MidPoint is not vulnerable to this attack, as midPoint is not using the Log4j logging implementation.
Despite that, there are some thoughts that we would like to share concerning this dangerous and far-reaching vulnerability. […]