Understand who and what has access before it becomes a risk.
Continuously surface the risks that actually matter.
Reduce risk and operational load at the same time.
with browser phishing prevention, shadow app discovery, and granular access controls.
using 500+ built-in detections across your identity graph—no custom rules needed.
enforce MFA, suspend users, rotate credentials via your SIEM/SOAR.
Identity threat detection and security posture management combined. AI-powered detection reduces false positives while continuous posture monitoring closes gaps before attackers exploit them.
Mutual verification that stops impersonation attacks—not just call center protection, but employee-to-employee too. Less invasive and cheaper than face-scanning identity verification.
Dramatically faster application onboarding, AI-driven access reviews, and granular governance campaigns—all powered by the access graph.
On April 19, 2026, Vercel disclosed that attackers compromised an employee's Google Workspace account through a malicious OAuth 2.0 application originating from Context.ai, a third-party AI tool. This post breaks down how the attack worked, what OAuth scopes were abused, and how organizations can detect and respond to these threats with and without SlashID.
As generative AI makes deepfake impersonation attacks increasingly convincing, traditional enterprise security controls fail to protect human-to-human communication channels. This post introduces SlashID Mutual TOTP, a cryptographic verification mechanism that replaces perception-based trust with mathematical proof of identity, stopping deepfake impersonation attacks before sensitive information is shared.
In 2024, Arup, a global engineering consultancy, fell victim to one of the most sophisticated deepfake fraud attacks, losing $25 million after an employee joined what appeared to be a legitimate video conference with AI-generated deepfake executives. This post explores the technical evolution of deepfake technology, from early GANs to modern diffusion models, and explains how attackers can now bypass enterprise liveness detection to impersonate executives in real-time video calls.
