Post Tag: Access

Industry Insights

Attestation-Based Identity: How It Works and Why It Matters

Instead of just trusting the token’s signature, attestation-based identity adds an extra layer of security.

Ashur Kanoon

Oct 2025

7 min read

Best Practices

OAuth vs. OIDC: What’s the Difference and When Should You Use Each?

OAuth 2.0 and OIDC solve fundamentally different problems.

Ashur Kanoon

Oct 2025

5 min read

Industry Insights

Securing Workloads with Conditional Access: The Future of Dynamic Access Control

Conditional access enhances security and reduces the attack surface without adding friction.

Ashur Kanoon

Oct 2025

4 min read

Best Practices, zFeatured

Configuring an MCP Server with Auth0 as the Authorization Server

A practical walkthrough of the Auth0 settings and tweaks you’ll need to get an MCP server working smoothly with real-world clients like Claude.

Victor Ronin

Sep 2025

4 min read

Breach Analysis

When Salesforce Becomes a De Facto Credential Repository: Lessons from the Drift OAuth Breach

This malicious campaign demonstrates how long-lived token theft can become the first step in a much broader breach.

Dan Kaplan

Aug 2025

3 min read

Best Practices

Workload Identity vs. Workload Access Management: Securing Cloud-Native Workloads in a Dynamic Environment

Understanding the distinction is essential for implementing Zero Trust.

Dan Kaplan

Aug 2025

5 min read

Best Practices

Dynamic Authorization vs. Static Secrets: Rethinking Cloud Access Controls

Learn why static secrets fail in modern environments and how to implement dynamic authorization.

Dan Kaplan

Aug 2025

6 min read

Industry Insights

What Identity Federation Means for Workloads in Cloud-Native Environments

Learn how federation works for non-human identities, where legacy models fall short, and how to implement a secure, scalable solution.

Dan Kaplan

Aug 2025

7 min read

Breach Analysis

What the xAI Key Leak Teaches Us About Secrets – And How to Fix Them

One careless push unlocked 52 AI models, but the real story is how to keep this from happening again.

Apurva Davé

Jul 2025

3 min read

Best Practices

The Story Behind Snowflake’s Push to Rein in Non-Human Identities

After locking down workforce identity, Snowflake’s security team took on the harder problem – controlling non-human access at scale without slowing teams down.

Dan Kaplan

Jul 2025

4 min read

Blog

Tag: Access

Attestation-Based Identity: How It Works and Why It Matters

OAuth vs. OIDC: What’s the Difference and When Should You Use Each?

Securing Workloads with Conditional Access: The Future of Dynamic Access Control

Configuring an MCP Server with Auth0 as the Authorization Server

When Salesforce Becomes a De Facto Credential Repository: Lessons from the Drift OAuth Breach

Workload Identity vs. Workload Access Management: Securing Cloud-Native Workloads in a Dynamic Environment

Dynamic Authorization vs. Static Secrets: Rethinking Cloud Access Controls

What Identity Federation Means for Workloads in Cloud-Native Environments

What the xAI Key Leak Teaches Us About Secrets – And How to Fix Them

The Story Behind Snowflake’s Push to Rein in Non-Human Identities

Straight to Your Inbox