Extremely interesting discussion on this week's @riskybusiness podcast soapbox segment (https://overcast.fm/+It0jHgm4Q/41:09) with Okta's Chief Product Architect Karl McGuinness about their adoption of CAEP (https://openid.net/specs/openid-caep-specification-1_0.html) for better continuous access evaluation, first implemented in production in collaboration with Apple's Managed Apple ID for businesses and schools (https://developer.apple.com/wwdc23/10254?time=1032)

If you're not super-familiar with CAEP (or RISC), a good primer is this Shared Signals guide, which covers SSF and the event protocols and their definitions: https://sharedsignals.guide/#eventdefinitions Or, if you just like reading specs, check out the OpenID URL 👆 (shout out to @timcappalli) and nerd out.

On a personal note I am very excited to be paving the road to get from the limited signal fidelity of SCIM et al. to a true continuous authn/authz future.

#OIDC #SharedSignal #CAEP #SSO

Risky Business #739 — ALPHV exit scams while Change Healthcare burns — Risky Business

In this week’s show Patrick Gray and Adam Boileau discuss the week’s security news. They talk about:

- The serious consequences from the Change Healthcare ransomware, and the need for a … nastier response
- Predator spyware maker getting a stern sanctioning
- A German military WebEx meeting gets snooped
- Mem-corruption is still king
- And much, much more

In this week’s sponsor interview Patrick Gray speaks to Karl McGuinness, Okta’s chief architect, about some new security improvements they’ve built into their IDP.