Identity 101 Index

Authentication

• Defining Certificate Authority and How It Works
• Multi-factor Authentication + VPN = Secure and Private 
• Why Multi-Factor Authentication is Everywhere
• What is Strong Authentication? We Rank 6 Security Factors 
• Should You Choose U2F or Adaptive MFA?
• Which Industries Require Two-Factor Authentication?
• Authentication vs Authorization
• What Is a Security Token (or Authentication Token) and How Does It Work?
• What to Look for in a Risk-Based Authentication Solution
• What is the Most Secure Authentication Method for Your Organization?
• Biometrics: Secure Authentication in the Modern Age
• What’s the Difference Between OAuth, OpenID Connect, and SAML?
• Take Your Security to the Next Level with Context-Based Authentication
• What Is Token-Based Authentication and Who Uses It?
• SAML vs. OAuth: Comparison and Differences
• Universal 2nd Factor (U2F): History, Evolution, Advantages
• Web Authentication: How Is Web API Basic Authentication Used?
• PEAP (Protected Extensible Authentication Protocol)
• CAPTCHA: Meaning, Types & How They Work
• Authentication Server: Definition, Architecture & Operations
• Understanding Adaptive Authentication and How It Works

AD/Active Directory

• Tips to Better Leverage Your Active Directory
• Single Sign-On: The Difference Between ADFS vs. LDAP 
• How Okta Helps Automate User Provisioning for Active Directory
• LDAP vs. Active Directory: What's the Difference

Customer Identity and Access Management (CIAM)

• Defining Data Profiling: Processes and Usage
• Defining Customer Identity & Access Management (CIAM)
• How CIAM Solutions Help Protect Your Customers’ Data

Digital Transformation

• What Is the Cloud? Defining Remote Internet Infrastructures
• How Legacy Apps Are Moving to the Cloud: Office 365
• What Is Hybrid Cloud Architecture and How Can We Use It?
• What Is Cloud Native Architecture: A Guide
• Arriving at a Hybrid IT Definition
• How To Plan a Successful Cloud Migration Strategy
• What Is SaaS? Defining Software as a Service

Identity and Access Management (IAM)

• Anti-Money-Laundering (AML) Risk Approach Explained
• Identity Verification Defined and How Does It Work
• User Access Management Basics
• An Overview of Identity and Access Management (IAM)
• What is IDaaS? Understanding Identity as a Service and Its Applications
• Privacy, Security, Efficiency: The Benefits of a Cloud Identity Provider
• Setting Up IAM: Managing Permissions to Ensure Compliance
• How Identity and Access Management Quietly Powers Your Company
• How to Start Investing in Identity and Access Management
• What Is Identity Management and Access Control?
• The Importance of Centralized Identity Management
• The Changing Landscape of Enterprise Identity Management
• 4 Key Things You Should Know About Access Governance
• Identity Governance: What It Is & Why Your Business Needs It
• Access Token: Definition, Architecture, Usage & More
• What Is Access Control & How Crucial Is It to Cybersecurity?
• What Is Authorization? Definition & Comparison with Access Control

IT Management

• What is PCI? Understanding the Importance of PCI Compliance
• Understanding Traffic Bots & How to Stop Them
• Bad Gateway Errors: Why They Happen and 5 Solutions
• What is a Network Access Server?
• Why Your Company Needs an Identity Provider
• How Identity Governance Protects Your Business
• ICMP Protocol (Internet Control Message Protocol): A Guide
• HMAC (Hash-Based Message Authentication Codes) Definition
• IDS vs. IPS: Definitions, Comparisons & Why You Need Both
• HTTP Error 431: Definition, Status, Causes & Solutions
• SD-Wan: Defining a Software-Defined Wide Area Network
• What Is Cached Data? Why & How Should You Clear It?
• HLS Streaming: Definition, Usage, Pros & Cons
• What Is 1.1.1.1 & Does It Really Make Your Internet Safer?
• What Is BaaS (Backend as a Service)? Definition and Usage
• Black-Box Testing: Definition, Types & Techniques
• What Is Edge Computing & Why Does it Matter?
• Fault Tolerance: Definition, Testing & Importance
• Generic Routing Encapsulation (GRE) Tunnel Defined
• Low Orbit Ion Cannon (LOIC): Definition, Damage & Defense
• Origin Servers: Definition, Usage & Edge Server Comparison
• OSI Layers: Understanding the OSI Model & Its 7 Layers
• HTTP vs. HTTPS: Definition, Comparison & Security Implications
• What Is MTU (Maximum Transmission Unit)?
• MX Record: Definition, Usage & Protections
• PAN (Personal Area Network) Definition & Overview
• What Is Round Trip Time? Overview, Formula & Usage
• Serverless Computing: Uses, Advantages, and Disadvantages
• Reverse Proxy: What Is a Reverse Proxy and Why Use One?
• What Is Latency? Definition, Impact & How to Reduce

Lifecycle Management

• Scale Securely: Establishing Universal Directory Policies
• Understanding Lifecycle Management and Regulatory Compliance
• Managing the User Lifecycle: Device Provisioning Made Easy
• What Is Role-Based Access Control (RBAC)?
• Role-Based Access Control vs Attribute Based Access Control

Single Sign-on (SSO)

• What to Look for When Choosing a Single Sign-On Solution
• How to Choose Your SSO Strategy
• Build a Strategy for Password Management
• Federated Identity Management vs. Single Sign-On: What’s the Difference?
• What Is Federated Identity?

Security

• Network Access Control (NAC): Securing Networks by Device
• Cybersecurity Work From Home Tips for Businesses and Employees
• Zoom Vulnerability: Definition & Defense Techniques
• Data Transfer Object DTO Definition and Usage
• Remote Desktop Services (RDS): Security Benefits and Uses
• What Is a Fork Bomb? Definition, Code, Prevention & Removal
• Understanding Private IP Ranges, Uses, Benefits, and Warnings
• SOX Compliance: Definition, Auditing & More
• Aphanumeric Characters and Alphanumeric Password Requirements
• What Is a Spam Bot? Definition & Defenses
• What Is a Teardrop Attack? Definition, Damage & Defense
• What Is a DNS PTR Record & What Is It Used For?
• The PlusToken Cryptocurrency Scheme: Architecture and Exposure
• Address Resolution Protocol (ARP): What It Is and How It Works
• Password Entropy: The Value of Unpredictable Passwords
• SSL Handshake (TLS Handshake) Explained
• What Is a DNS SOA Record & What Is It Used For?
• 3 Common Mistakes That Lead to a Security Breach
• Building Zero Trust Networks: Securing the Perimeter
• How to Set Up Privileged Access Management
• What Is Corporate Account Takeover and How Do We Prevent It?
• Why Is Cloud Security So Important?
• Reducing Your Attack Surface: A Guide
• What Is Least Privilege Access—and Why Do You Need It?
• What is an Attack Surface? (And How to Reduce It)
• Scareware: Definition, Identification & Prevention
• What Is a VPN & How Does It Work?
• Hashing vs. Encryption: Definitions & Differences
• What Is LDAP & How Does It Work?
• DMZ Network: What Is a DMZ & How Does It Work?
• DNS Poisoning (DNS Spoofing): Definition, Technique & Defense
• Asymmetric Encryption: Definition, Architecture, Usage
• ARP Poisoning: Definition, Techniques, Defense & Prevention
• Credential Stuffing: Definition, Techniques & Defense
• Public Key Encryption: What Is Public Cryptography?
• Security as a Service (SECaaS): Advantages & Services
• Ransomware Defined: How Does It Work & How to Prevent It
• IP Spoofing Unraveled: What It Is & How to Prevent It
• Penetration Testing: What Is It & Why Is Pentesting Required?
• Password Encryption: How Do Password Encryption Methods Work?
• Intrusion Prevention System: What Is An IPS? How Do They Work?
• Tokenization Explained: What Is Tokenization & Why Use It?
• RSA Encryption: Definition, Architecture, Benefits & Use
• Hashing Algorithm Overview: Types, Methodologies & Usage
• PGP: Defining Pretty Good Privacy & How PGP Encryption Works
• Cyber Kill Chain Defined: A Review of Cyber Kill Chain Steps
• Macro Virus: Definition, Operation, Prevention & Removal
• Steganography: What Is It and How Does Steganography Work? 
• Advanced Persistent Threat: Definition, Lifecycle, and Defense
• What Is Application Security & Why Is It Essential?
• Firewall: Definition, How They Work and Why You Need One
• CSRF Attack: Cross-Site Request Forgery Definition & Defense
• Security Information & Event Management (SIEM) 101
• Defining Buffer Overflow Attacks & How to Defend Against Them
• Clickjacking: Definition, Defense & Prevention
• Data Exfiltration: Definition, Damage & Defense
• Data Integrity: Definition, Importance & Security Impacts
• DDoS Attack 101: Definition, Techniques, Risks & Prevention
• What Is Deep Packet Inspection (DPI)? Definition & Usage
• Disaster Recovery: Planning, Strategies, Types & Procedures
• Defining DLP (Data Loss Prevention) & Exploring How it Works
• Emotet Malware: Definition, Damage, Defense & Prevention
• Evil Twin Attack: Fake WiFi Access Point Vulnerabilities
• Insider Threat: Definition, Prevention & Defense
• Defining Intrusion Detection Systems & How IDS Monitors Work
• Malvertising: Definition, Techniques & Defense
• What Is the Ping of Death (PoD)? Definition, Damage & Defense
• What Is the Morris Worm? History and Modern Impact
• What Is MyDoom Malware? History, How It Works & Defense
• RC4 Encryption Algorithm Stream Ciphers Defined
• Defining SYN Flood DDoS Attacks: Definition, Damage & Defense
• Stream Cipher 101: Definition, Usage & Comparisons
• RAT (Remote Access Trojan) Software Attacks Defined
• SASE: Secure Access Service Edge Defined
• Brute Force Attack: Preventing Trial-and-Error Logins
• Arbitrary Code Execution (ACE): Definition & Defense
• Cloud Computing Security: Your Comprehensive Guide
• Google Hacking (Google Dorking): Definition & Techniques
• Defining Hping Packet Generator as a Security Tool
• Fraggle Attack: Definition, Damage, Defense & vs. Smurf
• Network Vulnerabilities 101: Types and Prevention Methods
• Elliptic Curve Digital Signature Algorithm (ECDSA) Defined

Compliance

• FISMA Compliance: Definition, Regulations & Requirements

General Web

• What Is Data Scraping? Definition & Usage

FAQ

• Okta FAQ