AWS re:Invent 2023: Passwordless Authentication

I'm here with Graeme Speak, CEO, and founder of BankVault.
Graeme, it's such a pleasure to be with you here today.
The really big one that we're focused on is called MasterKey, which provides passwordless access to web login portals.
Can you explain a little bit to our audience how your product, how MasterKey differs from everything else out there, because we certainly have heard about passwordless logins and the like and different in the ecosystem, the cybersecurity world, but your certainly is different than other things that I've heard about.
Graeme Speak: It is, I mean, so passwordless in the last year, since 2021 has become one of the hottest sectors in cybersecurity.
Shira Rubinoff: Well, certainly we talk a lot about no extra steps for users when we talk about the human factors piece of cybersecurity, when you put the onus on the user, they're responsible to do certain steps.
So the no extra steps I think is a very pivotal spot for your organization.
Graeme Speak: So we have customers that literally can now deploy within minutes instead of months.
The social media authentication is a really poor idea.
Graeme Speak: Yeah, this really sidesteps the man-in-the-middle.
Graeme Speak: So our target customers are typically going to be an organization that has a interface to an external customer.
In the worst possible situation where for some reason the passwordless technology has stopped working, who knows why, the users can still login with their original credentials.
Shira Rubinoff: Well, I will say one of the things also, that I like about your system is the users are behaving like they normally would, you don't have to retrain them, they don't really have to think about it.
People think they're a small fish and it's not going to bother me.
Graeme Speak: I'm now in the right to actually go into a bit more detail about how you can actually protect yourself, yeah.
Graeme Speak: If any organization would be interested in trialing this, honestly, we can set this up in a few moments.
Graeme Speak: And so it's not trivial on the inside, but the experience for the user is essentially seamless.
Graeme Speak: Yeah, there's dozens and dozens of these marketplaces.
Graeme Speak: So it's a very sharp competitive edge that elevates SaaS in a very large marketplace.
Shira Rubinoff: MasterKey and Graeme will be happy to speak with you.


This Cyber News was published on securityboulevard.com. Publication date: Fri, 22 Dec 2023 12:43:05 +0000


Cyber News related to AWS re:Invent 2023: Passwordless Authentication

Passwordless Login: Effortless Authentication - Let's explore how passwordless login paves the way for seamless and secure user authentication, fostering trust and loyalty. The Password Dilemma Though conventional complex password-based authentication has long been a cornerstone of robust ...
9 months ago Feeds.dzone.com
CrowdStrike Demonstrates Cloud Security Leadership at AWS re:Invent - CrowdStrike is honored to be named Partner of the Year for several 2023 Geo and Global AWS Partner Awards at Amazon Web Services re:Invent 2023, where we are participating this year as a Diamond Sponsor. These accomplishments demonstrate our ...
11 months ago Crowdstrike.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
11 months ago Esecurityplanet.com
GCP to AWS migration: A Comprehensive Guide - Embarking on a GCP to AWS migration journey can be both exciting and challenging. Before we dive into the technical details, let's explore why businesses might consider migrating from GCP to AWS. While GCP offers a range of services, AWS boasts an ...
10 months ago Feeds.dzone.com
Shaping the Future of Finance: The Cisco and AWS Collaboration in EMEA - The collaboration between Cisco and Amazon Web Services in the Europe, Middle East, and Africa region-combining each company's market leading strengths-continues to deliver impressive outcomes for our customers, notably within the Financial Services ...
11 months ago Feedpress.me
Rundown of Security News from AWS re:Invent 2023 - Amazon Web Services has been unveiling a steady stream of announcements during its AWS re:Invent 2023 event in Las Vegas this week. The focus over the four days, as expected, is on AI as AWS strives to show that its offerings can match - or surpass - ...
11 months ago Darkreading.com
Customer compliance and security during the post-quantum cryptographic migration | AWS Security Blog - For example, using the s2n-tls client built with AWS-LC (which supports the quantum-resistant KEMs), you could try connecting to a Secrets Manager endpoint by using a post-quantum TLS policy (for example, PQ-TLS-1-2-2023-12-15) and observe the PQ ...
1 month ago Aws.amazon.com
AWS CloudQuarry: Digging for Secrets in Public AMIs - Money, secrets and mass exploitation: This research unveils a quarry of sensitive data stored in public AMIs. As a best practice, AMI creators should not include credentials, including AWS account credentials, in published AMIs. We wanted to scan all ...
6 months ago Packetstormsecurity.com
CVE-2024-37293 - The AWS Deployment Framework (ADF) is a framework to manage and deploy resources across multiple AWS accounts and regions within an AWS Organization. ADF allows for staged, parallel, multi-account, cross-region deployments of applications or ...
5 months ago Tenable.com
Are organizations moving away from passwords? - Passwordless authentication emerges as a calculated response, eliminating the inherent weaknesses of conventional passwords. At the heart of this evolution lies the deployment of passkeys-sophisticated cryptographic tools designed to authenticate ...
11 months ago Helpnetsecurity.com
7 Rules to Improve AWS Security and Reduce Unwanted Incidents - Security of your AWS infrastructure is ultimately up to you. As the largest cloud services provider, AWS invests heavily to ensure its cloud environment is secure. Much of AWS security is still left to the customer, especially with regard to managing ...
1 year ago Beyondtrust.com
SentinelLabs Details Discovery of FBot Tool for Compromising Cloud Services - SentinelLabs today published a report identifying a Python-based tool that cybercriminals are using to compromise cloud computing and software-as-a-service platforms. Alex Delamotte, senior threat researcher at SentinelLabs, said FBot is used to take ...
10 months ago Securityboulevard.com
AWS re:Invent 2023: Passwordless Authentication - I'm here with Graeme Speak, CEO, and founder of BankVault. Graeme, it's such a pleasure to be with you here today. The really big one that we're focused on is called MasterKey, which provides passwordless access to web login portals. Can you explain ...
10 months ago Securityboulevard.com
A Handbook for Managing Containers on Amazon Web Services - Container management is a way to help you create, govern, and maintain your containers. There are tools and services available that can automate the creation, deployment, maintenance, scaling, and monitoring of application or system containers. In ...
1 year ago Trendmicro.com
What happens when you accidentally leak your AWS API keys? - My situation had no ill consequences, but it could have if I had used my actual email for the script or if my project was bigger and I had used AWS or another cloud provider and hardcoded those credentials. In a later class I did learn how to safely ...
8 months ago Isc.sans.edu
A Single Cloud Compromise Can Feed an Army of AI Sex Bots – Krebs on Security - “Once initial access was obtained, they exfiltrated cloud credentials and gained access to the cloud environment, where they attempted to access local LLM models hosted by cloud providers: in this instance, a local Claude (v2/v3) LLM model from ...
1 month ago Krebsonsecurity.com
CVE-2023-35165 - AWS Cloud Development Kit (AWS CDK) is an open-source software development framework to define cloud infrastructure in code and provision it through AWS CloudFormation. In the packages `aws-cdk-lib` 2.0.0 until 2.80.0 and `@aws-cdk/aws-eks` 1.57.0 ...
1 year ago
In Pursuit of a Passwordless Future - Many computer users dream of a day when the industry can move past its reliance on passwords to reach a more serene future of frictionless cybersecurity. The fact is that countless remaining devices and systems have been aging and based on password ...
11 months ago Securityboulevard.com
In Pursuit of a Passwordless Future - Many computer users dream of a day when the industry can move past its reliance on passwords to reach a more serene future of frictionless cybersecurity. The fact is, countless remaining devices and systems are aging relics that have been based on ...
9 months ago Cyberdefensemagazine.com
1Kosmos partners with AWS to offer MFA for customer use cases - 1Kosmos announced it has completed the integration of its 1Kosmos BlockID platform with Amazon Cognito. As an AWS Advanced Technology Partner, 1Kosmos enables Amazon customers to seamlessly add passwordless multi-factor authentication to their ...
11 months ago Helpnetsecurity.com
Selecting an Authentication Protocol for Your Business - Authentication protocols serve as the backbone of online security, enabling users to confirm their identities securely and access protected information and services. The protocols exchange information to verify the validity of the authentication ...
7 months ago Darkreading.com
AWS Root vs IAM User: What to Know & When to Use Them - In Amazon Web Services, there are two different privileged accounts. One is defined as Root User and the other is defined as an IAM User. In this blog, I will break down the differences of an AWS Root User versus an IAM account, when to use one ...
1 year ago Beyondtrust.com
How to Use Context-Based Authentication to Improve Security - One of the biggest security weak points for organizations involves their authentication processes. Context-based authentication offers an important tool in the battle against credential stuffing, man-in-the-middle attacks, MFA prompt bombing, and ...
9 months ago Securityboulevard.com
What Is Kerberos Authentication?: Implementing Effective Security Protocols - Kerberos is a vital security protocol that any serious computer user must be familiar with. It is an open standard that provides a secure way of verifying the identity of user across multiple systems. The Kerberos authentication protocol is a ...
1 year ago Heimdalsecurity.com
Most IT Pros Felt Ready for Password-Based Attack; More Than Half Fell Victim - PRESS RELEASE. SANTA CLARA, Calif. - December 12, 2023 - Axiad, a leading provider of organization-wide passwordless orchestration, today announced the results of its 2023 State of Authentication Survey. The survey investigated the types of ...
11 months ago Darkreading.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)