CyberSecurityBoard
Sponsor Register Login

AWS re:Invent 2023: Passwordless Authentication

I'm here with Graeme Speak, CEO, and founder of BankVault.
Graeme, it's such a pleasure to be with you here today.
The really big one that we're focused on is called MasterKey, which provides passwordless access to web login portals.
Can you explain a little bit to our audience how your product, how MasterKey differs from everything else out there, because we certainly have heard about passwordless logins and the like and different in the ecosystem, the cybersecurity world, but your certainly is different than other things that I've heard about.
Graeme Speak: It is, I mean, so passwordless in the last year, since 2021 has become one of the hottest sectors in cybersecurity.
Shira Rubinoff: Well, certainly we talk a lot about no extra steps for users when we talk about the human factors piece of cybersecurity, when you put the onus on the user, they're responsible to do certain steps.
So the no extra steps I think is a very pivotal spot for your organization.
Graeme Speak: So we have customers that literally can now deploy within minutes instead of months.
The social media authentication is a really poor idea.
Graeme Speak: Yeah, this really sidesteps the man-in-the-middle.
Graeme Speak: So our target customers are typically going to be an organization that has a interface to an external customer.
In the worst possible situation where for some reason the passwordless technology has stopped working, who knows why, the users can still login with their original credentials.
Shira Rubinoff: Well, I will say one of the things also, that I like about your system is the users are behaving like they normally would, you don't have to retrain them, they don't really have to think about it.
People think they're a small fish and it's not going to bother me.
Graeme Speak: I'm now in the right to actually go into a bit more detail about how you can actually protect yourself, yeah.
Graeme Speak: If any organization would be interested in trialing this, honestly, we can set this up in a few moments.
Graeme Speak: And so it's not trivial on the inside, but the experience for the user is essentially seamless.
Graeme Speak: Yeah, there's dozens and dozens of these marketplaces.
Graeme Speak: So it's a very sharp competitive edge that elevates SaaS in a very large marketplace.
Shira Rubinoff: MasterKey and Graeme will be happy to speak with you.


This Cyber News was published on securityboulevard.com. Publication date: Fri, 22 Dec 2023 12:43:05 +0000


Cyber News related to AWS re:Invent 2023: Passwordless Authentication

Passwordless Login: Effortless Authentication - Let's explore how passwordless login paves the way for seamless and secure user authentication, fostering trust and loyalty. The Password Dilemma Though conventional complex password-based authentication has long been a cornerstone of robust ...
1 year ago Feeds.dzone.com
CrowdStrike Demonstrates Cloud Security Leadership at AWS re:Invent - CrowdStrike is honored to be named Partner of the Year for several 2023 Geo and Global AWS Partner Awards at Amazon Web Services re:Invent 2023, where we are participating this year as a Diamond Sponsor. These accomplishments demonstrate our ...
1 year ago Crowdstrike.com
Top 10 Best Passwordless Authentication Tools in 2025 - Auth0 provides a flexible authentication and authorization platform that supports passwordless login methods, enhancing security and user experience by eliminating the need for traditional passwords. Okta provides a robust identity and access ...
3 months ago Cybersecuritynews.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
GCP to AWS migration: A Comprehensive Guide - Embarking on a GCP to AWS migration journey can be both exciting and challenging. Before we dive into the technical details, let's explore why businesses might consider migrating from GCP to AWS. While GCP offers a range of services, AWS boasts an ...
1 year ago Feeds.dzone.com
Shaping the Future of Finance: The Cisco and AWS Collaboration in EMEA - The collaboration between Cisco and Amazon Web Services in the Europe, Middle East, and Africa region-combining each company's market leading strengths-continues to deliver impressive outcomes for our customers, notably within the Financial Services ...
1 year ago Feedpress.me
Rundown of Security News from AWS re:Invent 2023 - Amazon Web Services has been unveiling a steady stream of announcements during its AWS re:Invent 2023 event in Las Vegas this week. The focus over the four days, as expected, is on AI as AWS strives to show that its offerings can match - or surpass - ...
1 year ago Darkreading.com
Customer compliance and security during the post-quantum cryptographic migration | AWS Security Blog - For example, using the s2n-tls client built with AWS-LC (which supports the quantum-resistant KEMs), you could try connecting to a Secrets Manager endpoint by using a post-quantum TLS policy (for example, PQ-TLS-1-2-2023-12-15) and observe the PQ ...
8 months ago Aws.amazon.com
AWS CloudQuarry: Digging for Secrets in Public AMIs - Money, secrets and mass exploitation: This research unveils a quarry of sensitive data stored in public AMIs. As a best practice, AMI creators should not include credentials, including AWS account credentials, in published AMIs. We wanted to scan all ...
1 year ago Packetstormsecurity.com
CVE-2024-37293 - The AWS Deployment Framework (ADF) is a framework to manage and deploy resources across multiple AWS accounts and regions within an AWS Organization. ADF allows for staged, parallel, multi-account, cross-region deployments of applications or ...
1 year ago Tenable.com
Are organizations moving away from passwords? - Passwordless authentication emerges as a calculated response, eliminating the inherent weaknesses of conventional passwords. At the heart of this evolution lies the deployment of passkeys-sophisticated cryptographic tools designed to authenticate ...
1 year ago Helpnetsecurity.com
7 Rules to Improve AWS Security and Reduce Unwanted Incidents - Security of your AWS infrastructure is ultimately up to you. As the largest cloud services provider, AWS invests heavily to ensure its cloud environment is secure. Much of AWS security is still left to the customer, especially with regard to managing ...
2 years ago Beyondtrust.com
SentinelLabs Details Discovery of FBot Tool for Compromising Cloud Services - SentinelLabs today published a report identifying a Python-based tool that cybercriminals are using to compromise cloud computing and software-as-a-service platforms. Alex Delamotte, senior threat researcher at SentinelLabs, said FBot is used to take ...
1 year ago Securityboulevard.com
AWS re:Invent 2023: Passwordless Authentication - I'm here with Graeme Speak, CEO, and founder of BankVault. Graeme, it's such a pleasure to be with you here today. The really big one that we're focused on is called MasterKey, which provides passwordless access to web login portals. Can you explain ...
1 year ago Securityboulevard.com
A Handbook for Managing Containers on Amazon Web Services - Container management is a way to help you create, govern, and maintain your containers. There are tools and services available that can automate the creation, deployment, maintenance, scaling, and monitoring of application or system containers. In ...
2 years ago Trendmicro.com
What happens when you accidentally leak your AWS API keys? - My situation had no ill consequences, but it could have if I had used my actual email for the script or if my project was bigger and I had used AWS or another cloud provider and hardcoded those credentials. In a later class I did learn how to safely ...
1 year ago Isc.sans.edu
15 Billion User Gain Passwordless Access to Microsoft Account Using Passkeys - As the first-ever World Passkey Day replaces the traditional World Password Day, Microsoft joins the FIDO Alliance in celebrating a milestone achievement: over 15 billion online accounts now have access to passwordless authentication through ...
1 month ago Cybersecuritynews.com
Microsoft makes all new accounts passwordless by default - Microsoft is a board member of the FIDO Alliance, an open industry association launched over a decade ago that promotes passkeys as a standard passwordless sign-in method used by 15 billion user accounts for authentication. Brand new Microsoft ...
1 month ago Bleepingcomputer.com
A Single Cloud Compromise Can Feed an Army of AI Sex Bots – Krebs on Security - “Once initial access was obtained, they exfiltrated cloud credentials and gained access to the cloud environment, where they attempted to access local LLM models hosted by cloud providers: in this instance, a local Claude (v2/v3) LLM model from ...
8 months ago Krebsonsecurity.com
whoAMI attacks give hackers code execution on Amazon EC2 instances - The attacker only needs an AWS account to publish their backdoored AMI to the public Community AMI catalog and strategically choose a name that mimics the AMIs of their targets. The issue was fixed last year on September 19, and on December 1st AWS ...
4 months ago Bleepingcomputer.com
AWS Key Hunter - A Free Automated Tool to Detect Exposed AWS keys - Security teams should combine this with AWS security best practices, such as enabling CloudTrail logging for API activity monitoring, implementing IAM policies based on least-privilege principles, and rotating credentials via the AWS Secrets Manager ...
4 months ago Cybersecuritynews.com
In Pursuit of a Passwordless Future - Many computer users dream of a day when the industry can move past its reliance on passwords to reach a more serene future of frictionless cybersecurity. The fact is that countless remaining devices and systems have been aging and based on password ...
1 year ago Securityboulevard.com
In Pursuit of a Passwordless Future - Many computer users dream of a day when the industry can move past its reliance on passwords to reach a more serene future of frictionless cybersecurity. The fact is, countless remaining devices and systems are aging relics that have been based on ...
1 year ago Cyberdefensemagazine.com
CVE-2023-35165 - AWS Cloud Development Kit (AWS CDK) is an open-source software development framework to define cloud infrastructure in code and provision it through AWS CloudFormation. In the packages `aws-cdk-lib` 2.0.0 until 2.80.0 and `@aws-cdk/aws-eks` 1.57.0 ...
1 year ago
1Kosmos partners with AWS to offer MFA for customer use cases - 1Kosmos announced it has completed the integration of its 1Kosmos BlockID platform with Amazon Cognito. As an AWS Advanced Technology Partner, 1Kosmos enables Amazon customers to seamlessly add passwordless multi-factor authentication to their ...
1 year ago Helpnetsecurity.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)