security research

Everyone has probably had this experience at some point: you set up an account for a work application—and the next time you need to use it, you’ve forgotten the complex password the application required. For today’s workforce, the erosion of trust in technology starts with the unreliability of a system designed to protect our identities: passwords…

FIDO is an acronym that comes from the Latin fido, meaning ‘to trust’, which was popularised by Abraham Lincoln—who borrowed it to name his dog. It’s a fitting name for man’s best friend, and just as appropriate in the security world, where trust is key. A more technical reference, FIDO (Fast IDentity Online), emerged in 2012 and is backed by a…

For many, January is an opportunity to hit the reset button. It’s around this time of year that you’ve probably jotted down your New Year’s Resolutions in that brand new 2019 planner, joined that fitness club down the street (that you’ve been too intimidated to set foot in), and charted out your professional “big rocks”, as we call them at Okta…

People who live in glass houses, probably shouldn’t throw stones. Over the last month, many organizations and thought leaders have lined up to criticize Facebook over their recent breach. While I agree with them — it was pretty bad, I propose that we also take a step back to look at the bigger picture. In actuality, Facebook should be commended on…

While the internet lights up with terrifying costume ideas every October, what we find truly scary are the security breaches that have hit major companies in recent months. Luckily, we have National Cybersecurity Awareness month to provide focus and resources toward a safe and secure internet. To celebrate and observe the month, our diverse team…

Today’s post gives an overview of how Okta integrates with Java EE Application Servers to protect your Java infrastructure. This includes: Oracle WebLogic IBM WebSphere Red Hat JBoss Glassfish I also cover improving end-user experience and security with Single Sign-On (SSO) and Adaptive Multi-Factor Authentication (MFA), and how to simplify…

While the internet lights up with terrifying costume ideas every October, what we find truly scary are the security breaches that have hit major companies in recent months. Luckily, we have National Cybersecurity Awareness month to provide focus and resources toward a safe and secure internet. To celebrate and observe the month, our diverse team…

Financial technology (fintech) is one of the hottest categories of tech, and a major disruptor in banking and financial services. Billion-dollar valuation companies such as Stripe, Sofi and Square are competing with traditional financial institutions, and winning. And while these old-world companies have been taken by surprise, they are adapting…

The Zero Trust security framework was first developed by John Kindervag in 2009 while he was at Forrester Research. Zero Trust challenged the traditional security model of a firewall forming a perimeter between a trusted internal network and an untrusted external one. This security approach breaks down if a threat actor is able to penetrate that…

This piece is the first in a series of three blog posts on bug bounty programs and what are some considerations to think about when investing in or launching the program. Bug bounty program delivery models range from self-managed input channels for receiving vulnerabilities, platform managed private programs with a small curated list of…