More Security in OpenOTP Token
Attackers have developed new ways to abuse push-based authentication. Techniques such as push bombing (flooding the user with login requests), fatigue attacks (hoping the user approves one request out of annoyance), and accidental approvals (a mistaken tap on the screen) are becoming common. These attacks …
Raising the Bar for PAM: User Access Approvals
OpenOTP / WebADM now lets you require approvals before users get into sensitive systems. You can define approvers per application policy, choose how many approvals are needed, set approval time windows, make approvals one‑time or bound to a user’s IP, and exempt (allowlist) specific users. Approvals can …
Deep Dive: Two-Way Identity Synchronization with WebADM and Cloud IAM Providers
In our previous blog, Next-Gen IAM Management for Mixed Cloud Enterprise AD – The RCDevs Approach, we introduced the concept of two-way directory synchronization as a core capability of WebADM’s unified IAM platform. In this follow-up post, we take a closer look at how WebADM …
Next-Gen IAM Management for Mixed Cloud & Enterprise AD: The RCDevs Approach
In today’s hybrid infrastructure landscape, identity and access management (IAM) is a complex and ever-moving target. Enterprises rely on a mix of on-prem Active Directory (AD), cloud IAMs like Azure Entra ID, Okta, Ping, OneLogin, and DUO, and increasingly, customer-facing identity stores running over SQL …
Offline MFA and Critical Infrastructure IAM for Air-Gapped Security
Air-gapped networks—those physically isolated from unsecured networks and the internet—remain the last bastion of cybersecurity for organizations where a breach could be catastrophic. While air-gapped security is powerful, it is not foolproof. Insider threats, removable media, and a lack of granular access management all represent …
Streamlining Security Operations with WebADM’s AI-Powered Activity Reports
Security teams spend countless hours analyzing log files, searching for patterns that might indicate threats or compliance issues. This manual process is not only time-consuming but increasingly impractical as organizations generate millions of authentication and access events daily. With the release of WebADM version 2.4, …
Secure Access Control in Uncertain Times: Why a European-Built Stack Matters
Infrastructure and security teams today are operating in a context shaped by geopolitical instability, shifting regulations, and increasing scrutiny over digital supply chains. While technical requirements for authentication and access control are well understood—resilience, traceability, compatibility—there is now an added layer of concern around software …
Strengthening IT Security Through Good Infrastructure Hygiene
Maintaining clean, organized, and up-to-date infrastructure is a key aspect of a secure and resilient IT environment. Infrastructure and system hygiene refers to the ongoing practice of managing systems, networks, and data effectively to minimize security vulnerabilities and prevent operational issues. As highlighted in NIST …
Enhancing Compatibility: Kerberos Support in OpenOTP
Kerberos remains a cornerstone authentication protocol for organizations operating on-premises Active Directory (AD) environments. While modern protocols like SAML, OpenID, and OAuth dominate cloud-based identity and access management (IAM), Kerberos continues to play a vital role in legacy and hybrid IT infrastructures. Recognizing this, RCDevs …
OpenOTP Natively Integrates with Entra ID EAM
Managing identities and securing access are becoming increasingly complex as businesses transition to cloud-based services and hybrid work models. With OpenOTP’s latest integration, it now works seamlessly with Microsoft Entra ID (formerly Azure AD), providing advanced strong authentication services that can fully replace Entra ID’s …
