One of our fellow CTOs asked us a question recently, “Say you’re using a 3rd party Identity Provider for User Account Management and there are operations that require a SUDO/God mode with elevated permissions assertions (maybe via SMS verification or some other form of assertion such as re-entering the password). How do you do it?” This is a very good …
Why you should get rid of home-grown password systems immediately
While application security is a complicated issue that deserves a playbook of its own, software development companies and developers alike should start taking the first steps at the forefront of application security, and that involves getting RID of homegrown password systems.