Importance of Third-Party Testing and Verification

All companies that create software necessarily do varying degrees of internal testing. There are numerous types of which can include: unit, system or "end-to-end", regression, performance, load or "stress", accessibility and security. Yes, that is a LOT and it's only a sample! Having a dedicated team of specialists for this purpose is ideal, but anyone that works with the same product daily is...

Continue Reading →

Tags: Press Release, software as a service, Software Security Testing, SSO, Static Binary Analysis, static password, usability, User Experience, Veracode, Application Security Testing, Password Management, #phishing, PortalGuard Configuration, PortalGuard for Education, PortalGuard Update, Service Provider, Single Sign-On (SSO), SSPR, Stand your Ground, tech support, updates, PortalGuard Service Provider, veracode verified, "static" analysis, Spoofing, Probabilistic Techniques, Exploitation of Authentication, Manual Penetration Testing, Dynamic Link Libraries, Abuse of Functionality, Exploitation of Trust, Data Structure Attacks

SAML or CAS SSO - Which Industry Standard Protocol Should You Choose?

Industry standard protocols are the reason that Single Sign-On (SSO) is a popular topic throughout the tech industry.  SSO reduces login prompts for end-users while improving both usability and productivity. Without the use of industry-standard protocols, this entire process would be much more difficult to implement and manage.  However, it can often be difficult to decide which protocol to...

Continue Reading →

Tags: #applications, CAS, Centralized Authentication, IdP, Integration, PortalGuard, Security Assertion Markup Language, SSO, PortalGuard Configuration, SAML, #samlapplications, #SAMLSSO, secure authentication, Service Provider, Single Sign-On, Single Sign-On (SSO), stronger security, Single Sign-On Options, increase security, flexibility, sign on to web applications, Standards, Simplicity, Modern SSO Protocols, SSO Support Protocols, web-based SSO, maintain security privacy, industry standard protocols, SSO reduces login prompts for end-users, troubleshoot, server-to-server communication, secure communication, metadata, simple configuration, streamlined integration, simplified integration, applications supporting SAML, improve usability and productivity, Central Authentication Service, IdP Options, Shibboleth, ADFS, IdP supports multiple industry standard protocols, modern industry standard protocols, simplify integrations, HTTP-based SAML protocol, CAS SSO, timing of the request, CAS Authentication, protocol configuration, SSO Process, configuration process, SAML vs CAS, secure integration, secure SSO

by Tom Hoey 0 Comments

SAML Overview

What is SAML?

The SAML specification is an XML-based framework designed for transporting user authentication, entitlement, and attribute information across the web safely and efficiently.  It has a number of primary usage scenarios, including but not limited to the following:

Continue Reading →

Tags: Assertion, Authentication, Authentication Security, Identity Assertion, Identity Federation, Identity Provider, IdP, IdP initiated, OASIS, PortalGuard, SAML Token, XML, Access Control, Principal, SAML, SAML Request, SAML Response, Service Provider, Single Sign-On, SOAP, SP Initiated

by Tom Hoey 0 Comments

SAML Single Sign-On for BlackBoard

Sensitive data makes universities a large target for attacks as we have seen in recent news. Increasing both security and providing ease of use for both faculty and students is imperative. PortalGuard’s SAML Plug-in for BlackBoard uses a standards-based approach so you can achieve seamless integration, eliminate multiple password prompts and roll all applications up under a single point of...

Continue Reading →

Tags: ACS, Assertion Consumer Service, Authentication Security, Blackboard, Blackboard Extension, Building Block, Identity Provider, IdP, PortalGuard, Security Assertion Markup Language, SSO, Tokenless Authentication, Authentication Provider, SAML, Service Provider, Single Sign-On, Single Sign-On (SSO), Two-Factor Authentication