BT

Apache Ranger Graduates to Top-Level Project

by Alexandre Rodrigues on  Mar 14, 2017

Apache Ranger, a security management framework for Apache Hadoop ecosystem, graduated to top level. Ranger is used as a centralized component to define and administer security policies that are enforced across supported Hadoop components such as Apache HBase, Hadoop (HDFS and YARN), Apache Hive, Apache Kafka, Apache Solr, among others.

NIST Guidelines Require Second Auth Factor When Using Biometrics

by Thomas Betts on  Feb 13, 2017

NIST has released a public draft of new Digital Identity Guidelines, described as “a significant update from past revisions.” The guidelines describe acceptable use of multi-factor authentication (MFA). Furthermore, when using biometric data as one authentication factor, it must be combined with something you have, and not something you know, such as a password.

Authentication Strategies in Microservices Systems

by Jan Stenberg on  Dec 08, 2016 3

Software security is a complex problem, and is becoming even more complex using Microservices where each service has to deal with security, David Borsos explained at the recent Microservices Conference in London, during his presentation evaluating four end-user authentication options within a microservice based systems.

GitLab 8.9 Adds File Locking, Hardware U2F Support

by David Iffland on  Jun 24, 2016

The release of GitLab 8.9 brings a file locking, a refreshed UI, and hardware-based two-factor authentication. Teaming up with Yubico, developers can now use a hardware YubiKey to automatically authenticate a GitLab session without having to type in a 6-digit TOTP code. In addition, file locking will keep binary assets from getting destroyed during a merge.

Capital One Launches Developer Platform

by Benjamin Young on  Apr 07, 2016

Capital One launched the DevExchange Beta developer site and initial API offering last month.

Secrets Management with Chef-Vault

by João Miranda on  Jan 31, 2016

Secret management is a difficult problem in a distributed and scalable environment. Chef-vault is a Chef tool built on top of encrypted data bags that eliminates the need to share the decryption key with all users and nodes of an infrastructure.

Keeping Your Secrets Safe in a Distributed and Scalable Environment

by Rui Covelo on  Dec 28, 2015

At the Velocity Conference in Amsterdam, Alex Shoof explained how to manage secrets in a scalable and distributed environment. Shoof proposed a system based on five fundamental principles for secret management.

Facebook's and Twitter's SDKs for Apple tvOS Enable Onboarding and Analytics

by Sergio De Simone on  Dec 03, 2015

Facebook and Twitter have released SDKs for Apple tvOS to provide support for onboarding, user verification, and analytics.

Nexmo Verify SDK Touts Easy Phone Number-based Authentication

by Sergio De Simone on  Nov 17, 2015

Nexmo has announced the availability of its Verify SDK for iOS, Android, and JavaScript, which makes it possible to securely register and authenticate users based on their mobile phone numbers, Nexmo says.

Google Introduces Smart Lock for Passwords

by Abel Avram on  Jun 02, 2015

Google has announced at I/O 2015 the Google Identity Platform, a collection of tools and APIs for managing identities and dealing with authentication and authorization across Android, iOS and web applications.

Major Update to Firebase Brings Rich Authentication Tokens

by James Chesters on  Oct 07, 2014

Firebase has this week announced major updates to its user authentication, including automatic session persistence, and rich authentication tokens for use in Security Rules.

Katana Gets OpenIDConnect, WSFederation Components

by Roopesh Shenoy on  Jul 14, 2014

Katana 3, now close to GA, comes with new security components providing OpenIDConnect and WSFederation support.

Microsoft Beefs Up Cloud Identity Services as Part of Mobile Push

by Richard Seroter on  Mar 31, 2014

As part of launching an Enterprise Mobility Suite, Microsoft announced that Azure Active Directory Premium was set to hit General Availability. Microsoft Azure Active Directory Premium extends the free identity management and single sign-on service with additional group-management capabilities, rebranding options, security analytics, and more.

Amazon re:invent roundup

by Chris Swan on  Dec 02, 2013

Amazon announced a number of new services at the recent re:invent conference in Las Vegas: Amazon WorkSpaces - Desktop Computing in the Cloud, Identity and Access Management using SAML, Amazon AppStream - Delivering Streaming Applications from the Cloud, Amazon Kinesis - Streaming Big Data, CloudTrail - Capturing AWS API Activity, Postgres support in RDS and new EC2 instance types

Apigee Now Supports Node.js and Open Sources Volos

by Abel Avram on  Nov 12, 2013

Apigee Edge now supports Node.js and has open sourced Volos, a project containing a set of API management modules.

BT