PayPal Breach 2023: Tip of the Iceberg
The PayPal breach of 2023 reminds us that 2FA isn’t a silver bullet and that credential security matters more than ever.
leaked passwords
The Antidote for the LastPass password vault breach
The scale of the recent LastPass breach is so large, changing all the passwords isn’t the most practical or realistic solution.
Identity Threat Detection & Response
Identity Threat Detection & Response Stop ATOs before they startWhat We Do DetectDetect compromised credentials in real-timeVerifyVerify credentials with zero false-positives RemediateLaunch password breach policies and allow self-service remediation Protect Your Organization Against Account Takeover Attacks VeriClouds CredVerify is the only service designed to detect, verify and remediate the use of weak or stolen credentials […]
NIST Password Guidelines 2021: Challenging Traditional Password Management
In 2017, the National Institute of Standards and Technology (NIST) released NIST Special Publication 800-63B Digital Identity Guidelines to help organizations properly comprehend and address risk as it relates to password management on the part of end users. Nearly every year since, NIST has undertaken to update or underscore these guidelines as security experts continue […]
Assessing the risk of compromised credentials
Assessing The Risk of Compromised Credentials to The Enterprise Businesses today face an abundance of organizational risk. These come in the form of creating the business model itself, dealing with third parties, managing vendors and partners, monitoring internal and external fiscal fraud, exercising premise security, and the like. In the 21st century, no greater risk […]
Why Common IAM Solutions for Identity-based Attacks Aren’t Really Working
by Stan Bounev and Chris Olive When faced with the problem of data being open to all users on an early, 1960’s mainframe computer, Fernando “Corby” Corbato rather nonchalantly assigned passwords to protect user private data, and the concept of the computer password was born. Fast forward to today, and no one ever would have […]
Account Takeover (ATO) Attacks Simply Don’t Matter
Account Takeover (ATO) Attacks Simply Don’t Matter Account Takeover (ATO) attacks seemingly just don’t matter. That’s the conclusion a semi-informed outside observer might potentially come to based on how these pernicious attacks are being addressed by the cybersecurity community. That ATO attacks desperately need to be addressed, and addressed in the right way, goes without […]
VeriClouds CredVerify
CredVerify™: Detect. Verify. Prevent.CredVerify™ Cloud API CredVerify™ integrates with IAM systems and complements existing authentication and multi-factor authentication. The integration detects compromised credentials of your employees or customers during authentication by checking their credentials against a database of more than eight billion compromised credentials.CredVerify™ On-Premise Service CredVerify™ deploys as a hardware appliance on your network […]
Resources
VeriClouds Whitepapers & Resources Below you will find links to our whitepapers, checklists, and other valuable documents. Documents Whitepaper Assessing The Risk of Compromised Credentials to The Enterprise Provides methodology for assessing and scoring compromised credentials risk and aligns it to the overall cybersecurity and operational risks Download Document Whitepaper 5 Key insights for Credential […]