Identity-based attacks have become the primary way attackers move laterally in a network. They are also responsible for half of the initial intrusions.

Addressing these attacks requires very different tooling and approaches compared to malware-based attacks.

In this article we delve into the SlashID framework to address these attacks.

Stolen secrets and credentials are one of the most common ways for attackers to move laterally and maintain persistence in cloud environments.

In this blog post we introduce credential tokenization to protect secrets at runtime, introduce separation of duties, and reduce the credential rotation burden.

The recent Hugging Face breach is yet another reminder that securing machine-to-machine communication and API access is essential today.

By leveraging OAuth2 Client Credentials, you can enhance security, enable fine-grained access control, simplify credential management, and benefit from a standards-based approach.

With organization attributes, you can now easily store and manage tenant-level data directly on our platform.

With the deprecation of third-party cookies, first-party data has become crucial for websites to personalize user experiences.

SlashID introduces Anonymous Users, a feature that allows websites to collect user data without forcing users to register or log in, striking the perfect balance between data collection and user experience.

While very popular, PHP lacks modern identity and access management (IAM) capabilities. SlashID changes that with the release of our SDK for PHP and Laravel.

This is just the beginning; according to W3Tech PHP is used by over 76% of indexed websites. In the weeks to come, we aim to cover other popular frameworks such as Drupal and Symfony.

Adding custom claims to JWTs allows you to share identity information without repeated queries to external data sources.

Read on to learn how to customize claims with SlashID's webhooks.

We built the SlashID infrastructure so that your user data is globally distributed.

Our architecture helps applications using SlashID benefit from dramatically reduced latency, high availability and comply with data protection laws without fragmented identity silos or extra fees.

In this comprehensive blog post, we delve into the publicly available data on large-scale passkeys rollouts, examining results, conversion rates, and implementation challenges as documented in engineering blogs by companies like Kayak and Yahoo Japan.