Security
The Case For Just-In-Time Credentials and Zero Trust Access: Fortinet VPN Credentials CompromisedOn September 8 2021, a threat actor released a list with half a million username and passwords for Fortinet VPN deployments. This is very concerning, as the attacker claims a large portion of these credentials are still valid. As a result, it is now easy for a threat actor to launch a customized campaign, targeting […]
Security
Next Gen Root of Trust To Secure Cryptographic Keys Across The Hybrid Multi-CloudIn our recent article “Are your cryptographic keys truly safe? Root of Trust redefined for the cloud era” featured in HelpNetSecurity, we discussed how the objective of a Hardware Security Module (HSM) is to ensure that the keys it stores cannot be compromised. When the safety of the keys in an HSM can be assured, […]
Security
Using Dynamic Secrets To Achieve Zero Standing PrivilegesIn their 2019 report Remove Standing Privileges Through a Just-in-Time PAM Approach, Gartner suggested that: “The existence of privileged access carries significant risk, and even with PAM tools in place, the residual risk of users with standing privileges remains high. Security and risk management leaders engaged in IAM must implement a zero standing privileges strategy […]
Security
Using Akeyless to Enable Zero-Trust Secure Remote AccessImplementing a Zero Trust security model requires that your organization isn't trusting anyone or anything automatically, from inside or outside of your organization. In this blog we'll delve into some of Zero Trust principles of Just-in-Time Access, Least Privileged Approach and Zero-Standing Permissions, discussing why Akeyless is in the best position to provide a comprehensive Zero-Trust solution.
Security
Better Protect Your Ansible Secrets and Privileged AccessConfiguration management tools, such as Ansible, have become an attack target for malicious attackers. Find out how to add two layers of protection to your Ansible secrets.
Security
Better Protect Your Kubernetes Secrets and Privileged AccessContainer orchestration tools, such as Kubernetes, have become an attack target for malicious attackers. Find out how to add two layers of protection to your Kubernetes secrets.
Security
Just-in-time Access Done Right for DevOps and Security TeamsJust-in-time (JIT) originates from the manufacturing industry. Its goal is to eliminate waste by receiving what you need when you need it. JIT has very practical uses in security risk...
Security
Eliminating SSH Keys is Possible by Using SSH Certificates InsteadIf you’re looking to free your time and stop using SSH Keys by leveraging SSH Certificates automation, there is a way to do that. SSH Keys provide a secure protocol...
