Security Boulevard

SAML vs OIDC: Choosing the Right Protocol for Modern Single Sign-On

Comparing SAML and OIDC for enterprise SSO. Learn which protocol works best for web, mobile, and CIAM solutions in this deep dive for CTOs.
Network World

Microsoft passes its first SAML 2.0 interoperability test

Microsoft completed its first SAML interoperability test and the results are in: Active Directory Federation Services 2.0 software received a passing grade. Microsoft’s federated identity platform ...
TheServerSide

SAML: It's Not just for Web services

SAML (Security Assertion Markup Language) is an XML-based standard for exchanging authentication and authorization data between security domains. SAML is a product of the OASIS Security Services ...
Cyber Defense Magazine

SAML → OIDC Migration: The Hidden Gotchas

In many enterprises, Security Assertion Markup Language (SAML) is the glue that holds legacy single sign-on together. It has ...
Network World

Microsoft responds to questions on “Geneva” support of SAML 2.0

Microsoft PR contacted Microsoft Subnet today to clarify some questions we raised in a post earlier this month, “Microsoft “Geneva” could be genius but skeptics abound.” On May 11, Microsoft announced ...
Bleeping Computer

Golden SAML Attack Lets Attackers Forge Authentication to Cloud Apps

A new technique called "Golden SAML" lets attackers forge authentication requests and access the cloud-based apps of companies that use SAML-compatible domain controllers (DCs) for the authentication ...
CSOonline

Samlify bug lets attackers bypass single sign-on

A critical vulnerability in the popular samlify library could potentially allow attackers to bypass Single Sign-On (SSO) protections and gain unauthorized access to systems relying on SAML for ...