Securing Access: The Power of Access Certification in IGA Webinar Summary

Maintaining up-to-date user access rights is a paramount security challenge. Changes in the organizational structure, the transfer of users to other departments, changes in security policies, and other transformational processes within a company require the reassessment of the existing access rights. A regular review of user access is a key element of an effective access Read more about Securing Access: The Power of Access Certification in IGA Webinar Summary[…]

Flexible Authentication Webinar Summary

Authentication methods are constantly evolving. Today, traditional authentication with a username and password is not enough. There are different authentication methods that can be employed. That’s why we introduced the new concept of flexible authentication in midPoint 4.1. Authentication methods in midPoint can now be configured in many different ways using various combinations of authentication Read more about Flexible Authentication Webinar Summary[…]

Securing MidPoint 4.8: A Collaborative Effort

In a collaborative effort to bolster the security of midPoint, a grant provided by the NGI Zero Review program enabled us to cooperate with Radically Open Security, who performed an extensive security penetration testing exercise. This initiative underscores our commitment to fortifying midPoint against potential threats. Their expertise revealed a number of security weaknesses, each Read more about Securing MidPoint 4.8: A Collaborative Effort[…]

Securing MidPoint Deployments Webinar Summary

The security of deployments and applications is becoming increasingly important, and many organizations need to increase the security of their applications. The webinar on April 04, 2024, was an overview and refresher on various configuration and deployment aspects regarding security – from the initial installation and configuration, expressions, scripting, various recommendations when using Self Registration, Read more about Securing MidPoint Deployments Webinar Summary[…]

Evolveum and RSA Conference 2020

RSA Conference 2020 and the Human Element

Few weeks ago we attended RSA Conference, the biggest cyber security conference in the world. The conference took the whole week starting on Monday February 24th and ending up in the afternoon of February 28th with the great Penn & Teller show. It was exhausting but rich week during which we got a lot of Read more about RSA Conference 2020 and the Human Element[…]

There is No Security without Identity Management

It isn’t. That’s how it is. Why? Take any study describing potential information security threats. What do you see among the top threats there? Take another study. What do you see there? Yes. That’s the one. It is consistently marked as one of the most serious threats in vast majority of studies published for (at least) last couple of decades. Yet it looks like nobody really knows what to do about this threat. So, who is this supervillain? He’s right under your nose. It is the insider. […]