Does your website monitoring solution securely store your credentials for your applications?
Introducing Secure Vault. I am super proud of our team for delivering this major feature enhancement. The majority of vendors in our space can't explain (or don't want to explain) how they secure their customer credentials used in tests and monitors. It's often overlooked by many during vendor assessments and not many vendors in our space can meet this criterion.
I learned a lot through my experiences going through some of the toughest Production Readiness Assessments, Security Assessments and Vendor Reviews and how crucial it is that we deliver exceptional security. Most importantly, I heard it loud and clear from our customers, so we delivered a solution that not only improves our security posture but provides many features that our customers have been desiring. Read more about other improvements we have made in this major feature below.
For those thinking "Oh we have to pay for this security?" - No way, every plan and every customer gets access to Secure Vault Day 1. No cost, no add-on, no plan changes - just us improving the product for our customers.
#security #reliability #vault #trust #observability #monitoring #websitemonitoring
SSO offers benefits in user experience, security, and administrative efficiency. It also presents challenges that require consideration. By addressing risks such as single points of failure, credential theft, and overprovisioning, organizations can harness the power of #SSO while maintaining robust security.
https://lnkd.in/gdGbVATv
🛠️ Security admins, are you aware of the challenges of MFA deployment? Compatibility and credential management are key. What's your MFA health check telling you? 🔗 https://bit.ly/mfasafe #CyberDefense #SecurityTools #MFA
Not only does this article underscore the need for MFA or other enhanced security controls for user accounts but also highlights something I still hear on a regular basis, even from F500 customers: "We're really good about giving people access but we suck at removing it."
If your de-provisioning process is incomplete, ineffective, or just plain doesn't exist, then you're asking to be in the same boat.
De-provisioning is fundamental blocking and tackling for IAM; get with the program, people.
Oh wait, how many organizations have an IAM Platform but no IAM Program?
Get an IAM Program, people.
https://lnkd.in/gEv-gPGU
You are spot on, Robert Forbes..."many organizations have an IAM Platform but no IAM Program"
This is insane. Why have zero trust MFA when you can have absolute trust with a biometrically protected, passwordless, de-centralized and un-shareable FIDO2 authenticator!?!?!? Usernames and passwords cannot die fast enough.
#innovation #cybersecurity #identitysecurity
You can't protect what you can't see ❗
Service accounts, often overlooked and unmanaged, pose significant security risks if not properly monitored.
Without visibility, regular auditing, or proper security measures, these accounts can become a gateway for attackers to gain unauthorized access and move laterally within networks.
Curious to learn how you can leverage virtual fencing instead of password rotations? Let me know!
Blog link: https://lnkd.in/ggChPKgZ
Session timeouts vs. logouts: What's the difference, and why should you care? 🤔 This blog breaks it down, plus tips for getting it right. https://lnkd.in/gfsAkysg #IAM #security
Ticketmaster customers impacted by security incident: how to know if you're one of them - NBC Chicago #CyberSecurity #InfoSec #SecurityInsights
CISO - PKI - Quantum Computing - IAM - Digital Identity - Machine Identity Management - Authentication - Digital Transformation - Strategy and Roadmap Development
An insightful blogpost from Silverfort on service accounts. Service accounts are indispensable, but not immune to security risks. It is becoming more common that threat actors are increasingly leveraging compromised service accounts to gain unauthorised access and move laterally within an organisation’s network. There are several factors that contribute to the security risks associated with service accounts. Firstly, service accounts often lack visibility within an organisation’s security infrastructure. Second, service accounts are frequently excluded from regular password rotation practices. Lastly, service accounts are often provisioned with unnecessary access rights and privileges.
If you want to know how to mitigate the risks associated with #serviceaccounts, then have a read and reach out!
Damon Jones Laura F. Silverfort WebSecureDuo, a division of Sektor https://lnkd.in/gG8jFHQy
Password-free password management?
Leading password management providers Dashlane and 1Password have recently launched new features allowing account creation without a master password.
This innovative approach aims to simplify onboarding while maintaining robust security standards. After rigorous testing, seamless user experience and heightened security measures are clear. However, the absence of a master password introduces a need for alternative access methods, raising questions about its security and access this provides to the service provider.
Want to learn more? My full write up is live;
#passwordmanagement #cybersecurity #technologyinnovation
🚀Leader of Uptime.com | Driving Uptime & Observability | Innovation 💼 Product Nerd | Customer Centric | Cloud Services | Engineering 🤝
I am very proud of our team for delivering this major feature!!