Multi-factor & Risk-based Authentication , Security Operations

Silver SAML Threat: How to Avoid Being a Victim

Eric Woodruff of Semperis on Improving Certificate Management Practices
Silver SAML Threat: How to Avoid Being a Victim
Eric Woodruff, product technical specialist, Semperis

Semperis researcher Eric Woodruff discovered Silver SAML - a new technique used to launch attacks from an identity provider against applications configured to use it for authentication. How does it differ from Golden SAML, and how can enterprises respond to the threat? Woodruff shares insight.

In this interview with Information Security Media Group, Woodruff discussed:

  • The evolution from Golden SAML to Silver SAML;
  • Challenges brought by externally generated certificates;
  • How to avoid being a victim of Silver SAML attacks.

Woodruff focuses on ITDR and cloud identity resilience. He is a Microsoft MVP for security, recognized for his expertise in the Microsoft identity ecosystem. Throughout his 23-year career in information technology, Woodruff has held a diverse range of roles, including technical manager in the public sector, senior premier field engineer at Microsoft, and security and identity architect in the Microsoft partner ecosystem.




Around the Network

Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing govinfosecurity.com, you agree to our use of cookies.