Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint

7/9/2020
05:30 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Beyond Identity Joins FIDO Alliance

The FIDO Alliance was formed in July 2012 to address the lack of interoperability among strong authentication technologies.

NEW YORK, July 07, 2020 (GLOBE NEWSWIRE) -- Newly launched passwordless identity management startup Beyond Identity today announced it has joined the FIDO Alliance, a cross-industry coalition developing open, interoperable authentication standards that reduce reliance on passwords with authentication that is more secure, private, and easier to use.

The FIDO Alliance was formed in July 2012 to address the lack of interoperability among strong authentication technologies, and remedy the problems users face with creating and remembering multiple usernames and passwords. The organization is driven by hundreds of global technology leaders across enterprise, payments, telecom, government, and healthcare, all of which help to influence the development of FIDO specifications; establish best practices for deployment of FIDO Authentication; and drive global awareness of the Alliance, its mission, and the FIDO specifications.

“Passwords endure despite being universally reviled for their user unfriendliness and inherent insecurity,” said Tom (TJ) Jermoluk, Co-Founder and CEO of Beyond Identity. “We applaud FIDO’s mission to curtail the use of passwords – the bane of everyone’s existence and a major source of risk for CISOs – and look forward to collaborating with Alliance members on championing the adoption of authentication mechanisms that not only enhance the user’s login experience but bolster enterprise security.”

Founded to eliminate passwords, Beyond Identity exited stealth in April to introduce a revolutionary, passwordless identity management solution. Leveraging and extending inventions from Dr. Taher Elgamal, the “Father of SSL,” and Professor Dr. Martin Hellman, the co-inventor of public-key cryptography (PKC) – headliners of Beyond Identity’s all-star technical advisory board – the company replaces passwords with trusted certificates, originally defined in PKC and ubiquitously deployed within TLS (formerly SSL). This proven, secure, and scalable approach enables Beyond Identity to eliminate passwords, reduce risk for organizations, remove friction for end users, and offer consumers a much more secure alternative to password managers.

“We are excited to welcome our newest associate member, Beyond Identity,” said Andrew Shikiar, Executive Director and CMO of the FIDO Alliance. “The FIDO vision of universal strong authentication promises better security, enhanced privacy, more commerce, and expansion of services throughout digital industries. Beyond Identity’s addition to our Alliance supports our industry goal to make user authentication easier and safer for all parties.”

Unlike other authentication methods and general security products, Beyond Identity increases both usability and security simultaneously. The company’s cloud-native platform provides a secure method of authenticating users and devices without passwords by using the same secure and scalable approach – X.509 certificates – that is already universally deployed with TLS and underpins trillions of dollars in online transactions daily. The solution creates a Chain of Trust™ that includes user and device identity and a real-time snapshot of a device’s security posture, all in an immutable package that is signed by a provably secure certificate. Notably, Beyond Identity supports industry standards like OpenID Connect, SAML, and TLS, and is a member in the development of the FIDO Alliance’s FIDO2 specifications.

About Beyond Identity

Headquartered in New York City, Beyond Identity was founded by industry legends Jim Clark and Tom Jermoluk to eliminate passwords and radically change the way the world logs in, without requiring organizations to radically change their technology stack or processes. Funded by leading investors, including Koch Disruptive Technologies (KDT) and New Enterprise Associates (NEA), Beyond Identity’s mission is to empower the next generation of secure digital business by replacing passwords with fundamentally secure X.509-based certificates. This patents-pending approach creates an extended Chain of Trust™ that includes user and device identity and a real-time snapshot of the device’s security posture for adaptive risk-based authentication and authorization. Beyond Identity’s cloud-native solution enables customers to increase business velocity, implement new business models, reduce operating costs, and achieve complete passwordless identity management. Visit www.beyondidentity.com for more information.

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Attackers Leave Stolen Credentials Searchable on Google
Kelly Sheridan, Staff Editor, Dark Reading,  1/21/2021
How to Better Secure Your Microsoft 365 Environment
Kelly Sheridan, Staff Editor, Dark Reading,  1/25/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: We need more votes, check the obituaries.
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27295
PUBLISHED: 2021-01-26
The affected product has uncontrolled resource consumption issues, which may allow an attacker to cause a denial-of-service condition on the OPC UA Tunneller (versions prior to 6.3.0.8233).
CVE-2021-22159
PUBLISHED: 2021-01-26
Insider Threat Management Windows Agent Local Privilege Escalation Vulnerability The Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8.4, 7.9.3, 7.10.2, and 7.11.0.25 as well as versions 7.3 and earlier is missing authentication for a ...
CVE-2021-3308
PUBLISHED: 2021-01-26
An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X capabilities enabled and entries setup. Such reboots will leak any vectors us...
CVE-2020-27299
PUBLISHED: 2021-01-26
The affected product is vulnerable to an out-of-bounds read, which may allow an attacker to obtain and disclose sensitive data information or cause the device to crash on the OPC UA Tunneller (versions prior to 6.3.0.8233).
CVE-2021-23272
PUBLISHED: 2021-01-26
The Application Development Clients component of TIBCO Software Inc.'s TIBCO BPM Enterprise and TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically allows a low privileged attacker with network access to execute a Cross Site Scripting (XSS) attack on...