Safeguard
Tag

identity-security

Safeguard articles tagged "identity-security" — guides, analysis, and best practices for software supply chain and application security.

33 articles

Identity Security

mTLS (mutual TLS)

What is mTLS? A precise breakdown of mutual TLS authentication, how it differs from standard TLS, why service meshes depend on it, and how to handle certificate rotation.

Mar 2, 20267 min read
Identity Security

OIDC (OpenID Connect)

A precise technical answer to "what is OIDC": how OpenID Connect extends OAuth 2.0 with ID tokens, federated identity, and token exchange to secure modern authentication.

Mar 1, 20267 min read
Identity Security

Workload identity federation

What is workload identity federation? A precise breakdown of keyless cloud authentication, GitHub Actions OIDC, and short-lived credentials replacing static API keys.

Mar 1, 20268 min read
Identity Security

JWT (JSON Web Token)

A JWT (JSON Web Token) is a compact, signed token used to prove identity and claims between systems. Here's how they work, and where they break.

Mar 1, 20268 min read
Identity Security

PASETO tokens

PASETO tokens explained: what is PASETO, how PASETO vs JWT differs, and why platform-agnostic security tokens with versioned crypto are safer by design.

Mar 1, 20267 min read
Identity Security

Zero trust architecture (ZTA)

A precise definition of zero trust architecture, the NIST 800-207 model, ZTNA vs VPN, and how zero trust principles apply to securing modern software supply chains.

Feb 28, 20267 min read
Identity Security

How to set up mutual TLS (mTLS) between microservices

A step-by-step guide to configuring mTLS across microservices with Istio — from CA setup and PeerAuthentication policies to certificate rotation and verification.

Feb 19, 20266 min read
Identity Security

How to rotate SSH keys safely

A step-by-step guide to rotating SSH keys without downtime: inventory existing keys, generate new pairs, cut over safely, revoke old keys, and verify nothing was missed.

Feb 18, 20268 min read
Cloud Security

Enterprise Cloud Security: Architecture and Program Design

Enterprise cloud security fails when it is treated as a tool purchase instead of an architecture. Here is how to design the layers, the ownership model, and the program around them.

Feb 17, 20266 min read
Best Practices

What is Multi-Factor Authentication (MFA)

MFA blocks over 99% of credential-based attacks, but Uber, Cisco, and Twilio breaches show how push-bombing and AiTM phishing still get around it.

Feb 15, 20266 min read
Cloud Security

How to enable MFA on an AWS root account

A step-by-step guide to enabling MFA on your AWS root account, covering virtual MFA device setup, verification commands, troubleshooting, and ongoing security best practices.

Feb 15, 20268 min read
Identity Security

How to implement zero trust network architecture

A practical, step-by-step guide to implement zero trust network architecture: identity, microsegmentation, posture checks, policy-as-code, and verification.

Feb 14, 20267 min read
identity-security (Page 2) — Safeguard Blog