Get Ready to CONNECT with SecureAuth+Core Security in Atlanta

Ashley Sims

By now you’ve heard the news: SecureAuth and Core Security are joining forces to offer the industry’s first identity-based security automation platform with integrated network, endpoint, vulnerability, and identity security.

Identity 101: When "Good Enough" Just Isn't Good Enough

Mike Talon | @miketalonync


When looking at identity security solutions for your organization, you may find that many vendors offer native multi-factor authentication (MFA - also known as 2-factor authentication, or 2FA). When presented with the ability to do this by the app in question, why would you look at any other solutions? This is especially true when the product in question offers what seems to be "good enough" protection in the first place.

SecureAuth Merges with Core Security

Jeff Kukowski, CEO


Today, we are excited to announce that SecureAuth and Core Security are merging to become one company. Core Security is a leader in vulnerability discovery, identity governance, and threat management, which is highly complementary to the identity security technology SecureAuth pioneered and continues to be a leader in today. Together, our mission is to accomplish what no other security technology vendor can claim: Secure the enterprise across all major threat vectors with an identity-based approach to the attack lifecycle.

Identity 101: Alphabet Soup

Mike Talon


A Quick Guide to the Top 12 Acronyms in Identity Management

Equifax: The Wages of Reputation Services Acting like Identity Systems

Jeff Nolan, CMO


The news of the massive Equifax data breach broke last week, and the collective shrug of yet-another-data-breach was deafening. The fact that it happened to a credit reporting service that is known for offering identity protection in the wake of other people’s data breaches is ironic, but beyond that, it’s just another in a string of data breaches that have impacted every American by this point.

Confessions of a Password Tweaker - Part 2 (Same s#!t123, different password)

Password tweaking doesn't protect your organization from identity access breaches.
David Ross, VP Research - SecureAuth


The week before last, I confessed to password tweaking.

Recently Troy Hunt released 320 million hashed passwords collected from breaches ( so I thought I’d run an experiment on that data based on common password tweaking techniques. I wanted to see if I could find tweaked variations of a given password in Troy’s data set.

Confessions of a Password Tweaker

David Ross


I have a confession to make. For over twenty years, I’ve been using the same password for most everything. And the worst part is, I thought I was being smart about it.

Cognitive Dissonance: Americans worry about their online security – while continuing to practice poor password hygiene



It’s 2017, and data breaches are occurring at a record pace. It’s no wonder, then, that Americans are becoming increasingly anxious about their online security. Our recent report with Wakefield Research says Americans are much more likely to be concerned with their online personal information being stolen (69 percent) than their wallet being stolen (31 percent).

Yes, your users are reusing their passwords and user IDs. What can you do to protect your organization?

SecureAuth Identity and Access Management Secures Credentials with Adaptive MultiFactor Authentication
Jeff Hickman


If you’re an IT pro, you’re likely aware of the very real damage that can result from even one user’s credentials being compromised. Once attackers have a foothold in your systems, they can linger for months, steadily increasing their permissions until they find and steal your most valuable data. Many organizations are already working to strengthen their security posture for preventing the misuse of stolen credentials. But one very real risk is typically overlooked:  the social and personal credentials of our end users.