The blog 01

Field notes from the identity frontier.

Breach teardowns, threat research and product dispatches from the team stopping identity attacks in production — written for the people who get paged.

Latest dispatch
Security·Jun 1, 2026

Analysis of the 2026 Stryker Breach: Weaponizing Cloud Endpoint Management

On March 11, 2026, attackers turned Stryker Corporation's own Microsoft Intune device-management plane into a non-encrypting wiper, factory-resetting roughly 200,000 endpoints across 79 offices worldwide without dropping a single piece of custom malware. This analysis reconstructs the Living-off-the-Land attack chain — from infostealer logs and AiTM session theft through privilege escalation to the Intune control-plane pivot — and shows how SlashID's MITM/AiTM detection, phishing-resistant authentication, behavioral anomaly detection, and just-in-time privileged access stop it.

Vincenzo Iozzo Vincenzo Iozzo
Co-founder & CEO
Read the analysis
Analysis of the 2026 Stryker Breach: Weaponizing Cloud Endpoint Management // security · Jun 1, 2026
61 dispatches
Security
Security · Apr 20, 2026

Vercel April 2026 Security Incident: How a Compromised OAuth App Led to a Major Breach

OAuth 2.0 · Vercel breach · Identity security
Read more
Security Deepfake Impersonation Attacks (Part 2): Defending with SlashID Mutual TOTP
Security · Mar 30, 2026

Deepfake Impersonation Attacks (Part 2): Defending with SlashID Mutual TOTP

Deepfakes · AI impersonation · Mutual TOTP
Read more
Security Deepfake Impersonation Attacks (Part 1): Anatomy of Modern Deepfakes
Security · Mar 16, 2026

Deepfake Impersonation Attacks (Part 1): Anatomy of Modern Deepfakes

Deepfakes · AI impersonation · Video fraud
Read more
Security NYDFS 2026 Vishing Advisory: Detection and Defense with SlashID
Security · Mar 6, 2026

NYDFS 2026 Vishing Advisory: Detection and Defense with SlashID

Vishing · NYDFS · Help desk impersonation
Read more
Security Scattered Spider Tradecraft: Identity Abuse, Attack Flow, and Defense
Security · Jan 16, 2026

Scattered Spider Tradecraft: Identity Abuse, Attack Flow, and Defense

Read more
Security
Security · Nov 9, 2025

Microsoft Actor Token Forgery

Actor Token Exchange Forgery · OAuth 2.0 · Supply‑chain attack
Read more
Security
Security · Sep 21, 2025

Access tokens strike again, the Salesloft Drift breach

Salesforce · Salesloft · Drift
Read more
Security
Security · Aug 31, 2025

Illicit Consent-Granting & App Backdooring – Obtaining persistence in Entra

Azure AD · Entra ID · OAuth 2.0
Read more
New Feature
New Feature · May 5, 2025

Achieving Least Privilege: Unused Entitlement Removal

Service account security · NHI · Identity security
Read more
Security
Security · Jan 8, 2025

Protecting against malicious OAuth 2.0 applications

Service account security · NHI · Identity security
Read more
Security
Security · Dec 16, 2024

Navigating PCI DSS 4.0: The Challenge of Non-Human Identities

Service account security · NHI · Identity security
Read more
Security
Security · Sep 30, 2024

Identity Security: The problem(s) with federation

Service account security · NHI · Identity security
Read more
Security
Security · Sep 16, 2024

Non-Human Identities Security: Breaking down the problem

Service account security · NHI · Identity security
Read more
New Feature
New Feature · Aug 26, 2024

Detecting Man-in-the-Middle Attacks with SlashID

mitm · man in the middle · aitm
Read more
Deep Dives
Deep Dives · Aug 22, 2024

A deep dive in the AWS credential leaks reported by Palo Alto Networks

credential theft · Leaked Environment Variables · unit 42
Read more
New Feature
New Feature · Jul 22, 2024

SlashID RBAC: Globally-available role-based access control

RBAC
Read more
Security
Security · Jul 15, 2024

Protecting against Snowflake breaches

Service account security · NHI · Identity security
Read more
New Feature
New Feature · Jun 24, 2024

Introducing the SlashID Local Deployment

local authentication · On-prem authentication · authentication deployment
Read more
Security
Security · Jun 17, 2024

ODPR: A Framework for Securing Non-Human Identities

Service account security · NHI · Identity security
Read more
New Feature Credential Tokenization: Protecting third-party API credentials
New Feature · Jun 10, 2024

Credential Tokenization: Protecting third-party API credentials

Read more
New Feature Secure API and M2M Access with OAuth2 Client Credentials and SlashID's sidecar
New Feature · Jun 3, 2024

Secure API and M2M Access with OAuth2 Client Credentials and SlashID's sidecar

ext_authz · s2s authentication · m2m authentication
Read more
New Feature
New Feature · May 14, 2024

Introducing Organization Attributes

organization attributes · secret storage · multi-tenancy
Read more
New Feature
New Feature · Apr 24, 2024

Introducing Anonymous Users: Balancing First-Party Data Collection and User Experience

First-party data · cookieless
Read more
Product Releases SlashID SDK for PHP and Laravel authentication
Product Releases · Apr 2, 2024

SlashID SDK for PHP and Laravel authentication

php · php authentication · laravel authentication
Read more
Deep Dives
Deep Dives · Mar 6, 2024

Adding custom claims to identity tokens

Read more
New Feature
New Feature · Feb 19, 2024

SlashID: Building a globally distributed Identity Platform

multi-region identity · localized identity · globally distributed
Read more
Deep Dives
Deep Dives · Jan 31, 2024

Passkeys Adoption Trends: Survey from Large Deployments

passkeys · passkeys benefits · passkeys rollouts
Read more
Security
Security · Jan 18, 2024

Single Sign-On implementation: Safely retrieving the email claim

OpenID Connect security · SSO security · Single Sign-on security
Read more
Security
Security · Jan 8, 2024

Single Sign-On implementation: Security Issues and Best Practices

OpenID Connect security · SSO security · Single Sign-on security
Read more
New Feature Introducing the SlashID Remix SDK: Authentication made easy
New Feature · Jan 2, 2024

Introducing the SlashID Remix SDK: Authentication made easy

auth · authentication · remix
Read more
Security Firebase Authentication and Google Identity Platform User Enumeration Vulnerability
Security · Nov 27, 2023

Firebase Authentication and Google Identity Platform User Enumeration Vulnerability

Read more
New Feature
New Feature · Oct 27, 2023

GDPR Compliance: Consent Management

Read more
New Feature
New Feature · Oct 23, 2023

OAuth 2.0 Fine-Grained API Authorization with Gate and OpenAPI

OpenAPI · API Authorization
Read more
Tutorial
Tutorial · Oct 16, 2023

Rate Limiting for Large-scale, Distributed Applications and APIs Using GCRA

distributed rate limiting · bot protection
Read more
Tutorial
Tutorial · Oct 10, 2023

Context-aware authentication: fight identity fraud and qualify your users

Read more
Deep Dives
Deep Dives · Sep 28, 2023

Backend Authentication and Authorization Patterns: Benefits and Pitfalls of Each

Read more
Deep Dives
Deep Dives · Sep 21, 2023

JWT Implementation Pitfalls, Security Threats, and Our Approach to Mitigate Them

JWT Security · JWT implementation · jwt security
Read more
Tutorial
Tutorial · Sep 18, 2023

No-code anti-phishing protection of internal apps with Passkeys

Read more
Tutorial
Tutorial · Sep 14, 2023

Firewalling OpenAI APIs: Data loss prevention and identity access control

Read more
New Feature
New Feature · Sep 12, 2023

Ditch your organizations table

Read more
Tutorial
Tutorial · Sep 5, 2023

Protecting Exposed APIs: Avoid Data Leaks with SlashID Gate and OPA

Read more
Open Source Docusaurus - Authentication and authorization with SlashID
Open Source · Aug 28, 2023

Docusaurus - Authentication and authorization with SlashID

Read more
New Feature Authenticate your Shopify customers with SlashID
New Feature · Jul 25, 2023

Authenticate your Shopify customers with SlashID

Shopify passwordless · Shopify authentication · Shopify Passkeys
Read more
New Feature
New Feature · Jul 20, 2023

Synchronous Webhooks

Read more
Tutorial
Tutorial · Jul 16, 2023

Building a React Login Page Template

react login page · react login · react authentication
Read more
New Feature
New Feature · Jun 10, 2023

SlashID Analytics Webhooks

Read more
Deep Dives Passkeys - Threat modeling and implementation considerations
Deep Dives · May 24, 2023

Passkeys - Threat modeling and implementation considerations

passkey · passkey implementation · webauthn implementation
Read more
New Feature Authentication flows with SlashID
New Feature · May 12, 2023

Authentication flows with SlashID

Read more
Tutorial Using Google Tink to sign JWTs with ECDSA
Tutorial · Feb 20, 2023

Using Google Tink to sign JWTs with ECDSA

Read more
New Feature
New Feature · Feb 9, 2023

React SDK support for <Groups>

Read more
New Feature Sign-in and Sign-up React component release
New Feature · Jan 18, 2023

Sign-in and Sign-up React component release

Read more
New Feature
New Feature · Jan 16, 2023

Fetching Google Groups with SlashID SSO

Read more
Experiments In-browser HSM-backed Encryption with Tink and Wasm
Experiments · Dec 18, 2022

In-browser HSM-backed Encryption with Tink and Wasm

Read more
New Feature Official React SDK release
New Feature · Nov 28, 2022

Official React SDK release

Read more
Open Source Adding Identity to Docusaurus
Open Source · Nov 12, 2022

Adding Identity to Docusaurus

Read more
New Feature Introducing Data Vault - Secure HSM-backed PII storage directly from the frontend
New Feature · Nov 7, 2022

Introducing Data Vault - Secure HSM-backed PII storage directly from the frontend

Read more
New Feature Social logins in 5 minutes or less
New Feature · Nov 1, 2022

Social logins in 5 minutes or less

Read more
Deep Dives App-layer cryptographic primitives for secure storage of user data
Deep Dives · Oct 20, 2022

App-layer cryptographic primitives for secure storage of user data

Read more
Deep Dives The good, the bad and the ugly of Apple Passkeys
Deep Dives · Sep 23, 2022

The good, the bad and the ugly of Apple Passkeys

passkey · passkey implementation · webauthn implementation
Read more
Compliance The Security and Regulatory Compliance Benefits of WebAuthn
Compliance · Sep 14, 2022

The Security and Regulatory Compliance Benefits of WebAuthn

Read more
Security Phishing Attacks – WebAuthn to the rescue
Security · Sep 12, 2022

Phishing Attacks – WebAuthn to the rescue

Read more
Subscribe 02

Get the dispatch in your inbox.

New breach teardowns and detection research, sent the day they ship. No digest, no marketing — just the analysis.

~2 emails a month · unsubscribe anytime
Threat ResearchBreach AnalysisProduct