Blog
Security / 21 Sep, 2025
Access tokens strike again, the Salesloft Drift breach
In mid‑August 2025, GTIG confirmed a large‑scale credential‑harvesting and data‑theft campaign abusing trusted OAuth integrations (Drift) to access Salesforce orgs.
Attackers (UNC6395) used stolen Drift OAuth tokens to mass‑query Salesforce, mine embedded secrets (AWS, Snowflake), and pivot into connected platforms.
This post reconstructs the attack flow, maps it to MITRE ATT&CK, and outlines immediate detection and defense actions.

Security / 15 Jul, 2024
Protecting against Snowflake breaches
In the last few weeks several very high-profile breaches have been in the news, from Santander to Ticketmaster and AT&T.
These breaches all have the same attack vector: identity-based attacks against Snowflake instances.
In this article, we discuss the causes of the breach and our approach to protect against identity-based attacks against Snowflake.

New Feature / 24 Jun, 2024
Introducing the SlashID Local Deployment
The SlashID local deployment is our answer for developers looking to build, run and test apps locally.
Local development with SlashID can be a good fit for your evaluation, prototyping, development, and continuous integration workflows.


Security / 17 Jun, 2024
ODPR: A Framework for Securing Non-Human Identities
Identity-based attacks have become the primary way attackers move laterally in a network. They are also responsible for half of the initial intrusions.
Addressing these attacks requires very different tooling and approaches compared to malware-based attacks.
In this article we delve into the SlashID framework to address these attacks.

New Feature / 10 Jun, 2024
Credential Tokenization: Protecting third-party API credentials
Stolen secrets and credentials are one of the most common ways for attackers to move laterally and maintain persistence in cloud environments.
In this blog post we introduce credential tokenization to protect secrets at runtime, introduce separation of duties, and reduce the credential rotation burden.

New Feature / 3 Jun, 2024
Secure API and M2M Access with OAuth2 Client Credentials and SlashID's sidecar
The recent Hugging Face breach is yet another reminder that securing machine-to-machine communication and API access is essential today.
By leveraging OAuth2 Client Credentials, you can enhance security, enable fine-grained access control, simplify credential management, and benefit from a standards-based approach.

New Feature / 14 May, 2024
Introducing Organization Attributes
With organization attributes, you can now easily store and manage tenant-level data directly on our platform.

New Feature / 24 Apr, 2024
Introducing Anonymous Users: Balancing First-Party Data Collection and User Experience
With the deprecation of third-party cookies, first-party data has become crucial for websites to personalize user experiences.
SlashID introduces Anonymous Users, a feature that allows websites to collect user data without forcing users to register or log in, striking the perfect balance between data collection and user experience.

Product Releases / 2 Apr, 2024
SlashID SDK for PHP and Laravel authentication
While very popular, PHP lacks modern identity and access management (IAM) capabilities. SlashID changes that with the release of our SDK for PHP and Laravel.
This is just the beginning; according to W3Techs, PHP is used by over 76% of indexed websites. In the weeks to come, we aim to cover other popular frameworks such as Drupal and Symfony.

Deep Dives / 6 Mar, 2024
Adding custom claims to identity tokens
Adding custom claims to JWTs allows you to share identity information without repeated queries to external data sources.
Read on to learn how to customize claims with SlashID's webhooks.
