Safeguard
Tag

sso

Safeguard articles tagged "sso" — guides, analysis, and best practices for software supply chain and application security.

6 articles

Application Security

SAML SSO vulnerabilities: signature wrapping and assertion replay explained

A 2024 ruby-saml flaw (CVE-2024-45409, CVSS 9.8) let attackers forge SAML assertions and log in as any user, including admins — seven years after the same bug class was first disclosed.

Jul 8, 20266 min read
Compliance

SSO, SCIM, and Vanta integrations for compliance-driven t...

How SSO, SCIM, and native Vanta integration shape audit readiness for supply chain security tools, and where Safeguard's approach differs from Socket.dev's.

May 12, 20267 min read
Incident Analysis

Okta Cross-Tenant Impersonation 2024

Okta's cross-tenant impersonation advisory and related social-engineering campaigns exposed how identity providers get targeted. Lessons for defenders.

Mar 26, 20268 min read
Best Practices

What is Single Sign-On (SSO)

SSO lets users log in once to access many apps — but it also concentrates identity into one high-value target. Here's how it works and its real risks.

Feb 15, 20266 min read
Incident Analysis

Oracle Cloud Classic SSO Incident: rose87168 and the Legacy Endpoint Problem

In March 2025 an actor calling themselves rose87168 advertised six million Oracle Cloud SSO and LDAP records, and Oracle quietly acknowledged a breach of legacy infrastructure. We unpack what happened and what tenants should do.

Apr 22, 20257 min read
Identity Security

SAML Security in a Supply Chain Context

SAML is the authentication backbone for enterprise SSO. Its XML-based attack surface makes it a high-value target for supply chain compromise.

May 12, 20225 min read
sso — Safeguard Blog