Featured
7. The Role of Asymmetric Cryptography and Secure Enclaves
Jasson Casey, CEO of Beyond Identity
Asymmetric cryptography can be deployed to stop a private key from being removed from any device, which can stop the key from being exploited in the file system or in memory.
Using secure enclaves, part of the system on a chip (SOC) from all the major semiconductor chip vendors, including Intel, Apple, AMD, AWS, ARM and more, to store and control the private keys offers a major architectural advantage in modern multi-factor authentication.
Join Beyond Identity CEO, Jasson Casey in episode 6 of his Zero Trust Authentication Master Class.
Follow Beyond Identity:
twitter.com/beyondidentity
linkedin.com/company/beyond-identity-inc
Website:
beyondidentity.com
All episodes
-
1. Zero Trust Foundational Concepts - Zero Trust Authentication Master Class
Jasson Casey, CTO at Beyond Identity
The term Zero Trust is ubiquitous in the security industry, leaving many to believe it is merely a marketing term. Jasson Casey, our CTO, dissects the key concepts of Zero Trust using the NIST framework and the essential role that strong authentication plays in a Zero Trust world.
The first thing that we really want to focus on is what is our definition of zero trust? We're going to actually just borrow the definition that comes out of NIST. NIST has a document called 800-207.
And in there they actually call out a couple of motivating problems, really setting up the stage for what is zero trust trying to solve. The preview really is, assume you're operating in a hostile environment, and kind of establish trust as you need to with respect to what someone's actually trying to do.
But more specifically, one of the first problems they actually talk about is that there is no implicit trust based on any sort of special location in the network.
Follow Beyond Identity:
twitter.com/beyondidentity
linkedin.com/company/beyond-identity-incWebsite:
beyondidentity.com -
2. Authentication Flows Explained - Zero Trust Authentication Master Class
Jasson Casey, CTO at Beyond Identity
All of us experience authentication everyday, but here Beyond Identity CTO, Jasson Casey breaks down every step involved in the authentication process flow, the vulnerability profile these steps create, and how to control the attack surface.
2. Authentication Flows Explained - Zero Trust Authentication Master Class
Follow Beyond Identity:
twitter.com/beyondidentity
linkedin.com/company/beyond-identity-incWebsite:
beyondidentity.com -
3. Augments Authentication Flows - Zero Trust Authentication Master Class
Jasson Casey, CTO at Beyond Identity
Weak authentication, based on usernames and passwords, has been surrounded with timers and codes, providing only a modicum of additional protection. This can lull identity and security teams into a false confidence. Conversely, they also increase the surface area available for exploit by attackers.
In episode 3. Augments Authentication Flows of his Zero Trust Authentication Master Class, Beyond Identity CTO Jasson Casey explains these pitfalls further.
Follow Beyond Identity:
twitter.com/beyondidentity
linkedin.com/company/beyond-identity-incWebsite:
beyondidentity.com -
4. How Delegation and Federation Work - Zero Trust Authentication Master Class
Jasson Casey, CTO at Beyond Identity
Authentication in today’s world is based on delegation and federation using SAML and OIDC protocols to verify and establish trust between users and apps.
In episode 4. How Delegation and Federation Work, of Beyond Identity CTO Jasson Casey's Zero Trust Authentication Master Class, we'll understand the role of Identity Providers (IDPs), the challenge-response concepts involved in authentication, and the differences between SAML and OIDC.
Follow Beyond Identity:
twitter.com/beyondidentity
linkedin.com/company/beyond-identity-incWebsite:
beyondidentity.com -
5. Multi-Factor Authentication and Phishing Explained
Jasson Casey, CTO at Beyond Identity
MFA incorporates knowledge, possession, and inherence to layer protection around a username and password.
But possession proof, in the form of codes, one-time passwords, sms, push, and magic links increase the attack surface and, perhaps worse, raise the illusion of authentication security.
In episode 5 of Beyond Identity CTO Jasson Casey's Zero Trust Authentication Master Class, well investigate a common Man-in-the-Middle attack framework – no ordinary “catphish” if you follow the logic.
This is Multi-Factor Authentication and Phishing Explained.
Follow Beyond Identity:
twitter.com/beyondidentity
linkedin.com/company/beyond-identity-incWebsite:
beyondidentity.com -
6. Rebuilding Authentication for Zero Trust
Jasson Casey, CEO of Beyond Identity
First generation, password-based MFA generates an attack surface area in motion and every device remains an attack surface at rest.
In this episode, Rebuilding Authentication for Zero Trust, Jasson walks through how utilizing encryption and employing asymmetric cryptography can eliminate the in motion attack surface and minimize that at rest vulnerability.
Follow Beyond Identity:
twitter.com/beyondidentity
linkedin.com/company/beyond-identity-incWebsite:
beyondidentity.com -
7. The Role of Asymmetric Cryptography and Secure Enclaves
Jasson Casey, CEO of Beyond Identity
Asymmetric cryptography can be deployed to stop a private key from being removed from any device, which can stop the key from being exploited in the file system or in memory.
Using secure enclaves, part of the system on a chip (SOC) from all the major semiconductor chip vendors, including Intel, Apple, AMD, AWS, ARM and more, to store and control the private keys offers a major architectural advantage in modern multi-factor authentication.
Join Beyond Identity CEO, Jasson Casey in episode 6 of his Zero Trust Authentication Master Class.
Follow Beyond Identity:
twitter.com/beyondidentity
linkedin.com/company/beyond-identity-incWebsite:
beyondidentity.com