Revolutionizing Enterprise Security: The Exciting Future of Passkeys Beyond Passwords
As digital threats grow increasingly sophisticated, traditional password-based authentication systems are proving inadequate, leaving enterprises vulnerable to phishing, credential stuffing, and other cyberattacks. In response, passkeys built on public key cryptography are emerging as a robust alternative, offering enhanced security, user convenience, and resilience against modern threats.
SANS_Richard-Greene_Revolutionizing-Enterprise-Security-The-Exciting-Future-Passkeys-Beyond-Passw-1 (PDF, 1.61MB)
23 Dec 2024Related Content
Infrastructure as Code-Driven Group Policy Infrastructure: A Comprehensive Engine for Group Policy Architecture and Enforcement
Research PaperThis study introduces a PowerShell-based Infrastructure as Code (IaC) engine developed to automate the setup and enforcement of a STIG-compliant Group Policy framework.
- 5 Dec 2025
Defending Vulnerable Populations Against Scams: Effectiveness of Browser Extensions in Mitigating Scammer Attack Chains
Research PaperThis research evaluates the effectiveness of a browser extension as a security control—Grandma’s Guardian—designed for simplicity and accessibility so that even non-technical home users can benefit from enterprise-grade protection.
- 19 Nov 2025
Structural Vulnerability: Autodesk Revit Server WAN Exposure Versus Cost of Autodesk Construction Cloud
Research PaperAutodesk Revit Server, a critical collaboration tool in the architecture, engineering, and construction (AEC) industry, was designed to operate within trusted networks.
- 7 Nov 2025
Building Scalable Detection-as-Code Pipelines with Agentic Validation and Refinement
Research PaperThe proposed DaC pipeline uses large language models (LLMs) for logic conversion, variant analysis, and simulation testing via Atomic Red Team, with queries executed against Splunk to measure true positives and false negatives.
- 6 Nov 2025
Isolated Trust: Zero Trust in Standalone Systems
Research PaperThe use of air-gapped, isolated systems remains an essential tool for organizations that require high confidentiality or integrity, including those in the government, industrial control systems, and the banking industry.
- 6 Nov 2025
Privacy Protections: Are Stronger Laws Changing What We Reveal?
Research PaperAs U.S. states enact privacy laws aimed at giving consumers more control over their personal data, little is known about whether privacy legislation influences individuals’ willingness to disclose their identity on public platforms.
- 26 Sep 2025
"You Again": Fingerprinting and Tracking Mechanisms of Malicious Sites
Research PaperBrowsers provide many APIs for any visited site to perform stateful and stateless tracking, and legitimate websites utilize these capabilities. Yet little is widely known about what tracking, if any, malicious sites perform.
- 26 Sep 2025
Forensic Investigation of Bluetooth-Based Credit Card Skimmers
Research PaperHidden Bluetooth Low Energy (BLE) credit skimmers are a growing threat to credit card fraud. Criminals can set up practical and inexpensive systems built on top of modules, such as the HM-19, to collect and transmit stolen data covertly across wireless channels.
- 3 Sep 2025
Evaluating Zero Trust Network Access: A Framework for Comparative Security Testing
Research PaperEvaluating Zero Trust Network Access: A Framework for Comparative Security Testing
- 11 Jul 2025
AI-Driven Insecurity: Assessing Security Gaps in AI Generated IT Guidance
Research PaperThe increasing reliance on AI-generated technical guidance for IT system configuration introduces significant security risks. This study assesses these risks through a case study: setting up an Apache web server on a Rocky Linux system using instructions from seven AI models.
- 13 May 2025
SIEM Detection Logic Conversion with LLMs
Research PaperThis research explores how Large Language Models (LLMs) and automation scripts can expedite the translation of detection logic between SIEMs, converting detections in minutes instead of hours.
- 2 May 2025
A Pebble In the Ocean: Maximizing Log Fidelity In Container Environments
Research PaperLog fidelity is crucial for Incident Response Teams to investigate and contain cyber incidents but...
- 17 Apr 2025
Validating the Effectiveness of MITRE Engage and Active Defense
Research PaperThis research examines the impact of Active Defense compared to a traditional security posture when an adversary employs common tactics and techniques to identify high-value targets or exfiltrate sensitive data.
- 29 Mar 2025
Shift Left the Awareness and Detection of Developers Using Vulnerable Open-Source Software Components
Research PaperThe number of open-source software components, as well as the number of existing security...
- 26 Mar 2025
Strolling Through the STIG
Research PaperThe CKL file has become the unofficial common language amongst the Department of Defense activities...
- 7 Mar 2025
Building Resilient IoT Devices: Binary Hardening with Yocto and Clang
Research PaperThis paper addresses the critical need for enhanced security in Internet of Things (IoT) devices by evaluating the implementation of binary hardening techniques using Clang security features within the Yocto build environment.
- 3 Mar 2025
Identifying Advanced Persistent Threat Activity Through Threat-Informed Detection Engineering: Enhancing Alert Visibility in Enterprises
Research PaperAdvanced Persistent Threats (APTs) are among the most challenging to detect in enterprise...
- 20 Feb 2025
Persistence Busters: High Impact Methods for Adversary and Threat Detection
Research PaperThis research investigates the top persistence techniques targeting Windows systems as documented in the MITRE ATT&CK framework and how to detect them.
- 7 Feb 2025
Evaluating Modern Network Protocol Fingerprinting: Defending Bastion Hosts in Hostile Networks
Research PaperAdversaries continue to attack the network perimeter and trusted user workstations to gain access to...
- 6 Feb 2025
Unveiling the Dependency on Network Telemetry: Optimizing Lateral Movement Detection
Research PaperThis study investigates the dependency on network and endpoint telemetry for identifying lateral...
- 17 Jan 2025