A vulnerability in how some products have implemented a single sign-on protocol that lets users log in to websites and services with a single username and password could let an attacker log in instead ...

Microsoft completed its first SAML interoperability test and the results are in: Active Directory Federation Services 2.0 software received a passing grade. Microsoft’s federated identity platform ...

Microsoft next month for the first time will participate in SAML 2.0 interoperability testing using its Geneva platform to test against other vendors’ implementations of the open standard identity ...

A new technique called "Golden SAML" lets attackers forge authentication requests and access the cloud-based apps of companies that use SAML-compatible domain controllers (DCs) for the authentication ...

Microsoft's federated identity platform passed its first SAML 2.0 interoperability test; the company previously shunned the protocol for WS-Federation Microsoft’s federated identity platform passed ...

A proof-of-concept attack demonstrates how adversaries can abuse the Security Assertion Markup Language framework to go unnoticed and assume multiple user identities. Researchers at CyberArk Labs have ...

eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. Duo Security reported on Feb. 27 that it discovered a ...

An advisory from the U.S. National Security Agency provides Microsoft Azure administrators guidance to detect and protect against threat actors looking to access resources in the cloud by forging ...

Malicious cyber actors are abusing trust in federated authentication environments to access protected data. An “on premises” federated identity provider or single sign-on (SSO) system lets an ...

What is SAML and what is it used for? The Security Assertion Markup Language (SAML) is an open standard that allows security credentials to be shared by multiple computers across a network. It ...