identity-security
Safeguard articles tagged "identity-security" — guides, analysis, and best practices for software supply chain and application security.
33 articles
How to configure Azure AD Conditional Access policies
A step-by-step guide to configure Azure AD conditional access policies safely — MFA enforcement, device compliance, report-only piloting, and troubleshooting tips.
How to implement password policy best practices
A step-by-step guide to implement password policy best practices: aligning with NIST guidelines, dropping outdated complexity rules, and rolling out passwordless authentication.
State of Cloud Security Report Overview
This year's cloud security reports point to the same conclusion: detection isn't the bottleneck anymore — identity sprawl, supply chain risk, and slow remediation are.
Using OCI resource principal authentication to avoid embe...
A concrete guide to OCI resource principal authentication: how it works, how it differs from instance principals, and how to eliminate static API keys from OCI workloads.
Designing an OCI compartment isolation strategy for security
A practical guide to designing an OCI compartment strategy for security — hierarchy, quotas, and multi-tenant isolation patterns that limit blast radius.
Best zero trust architecture implementation tools
A vendor-neutral buyer's guide to zero trust architecture tools: what to evaluate, plus honest strengths and limits of six leading platforms compared.
Multi-Factor Authentication Bypass via Privilege Escalation
Attackers increasingly skip cracking MFA altogether — they escalate privileges around it. Real cases from Microsoft, Uber, and SolarWinds show how, and what actually stops it.
Midnight Blizzard Breaches Microsoft: What the Exchange Online Attack Means for Everyone
Russian state actors compromised Microsoft executive email accounts through a password spray attack on a legacy test tenant. The breach exposed how identity misconfigurations cascade.
SAML Security in a Supply Chain Context
SAML is the authentication backbone for enterprise SSO. Its XML-based attack surface makes it a high-value target for supply chain compromise.