InfoWorld

Microsoft ends standoff against SAML 2.0

Microsoft's federated identity platform passed its first SAML 2.0 interoperability test; the company previously shunned the protocol for WS-Federation Microsoft’s federated identity platform passed ...
TheServerSide

SAML: It's Not just for Web services

SAML (Security Assertion Markup Language) is an XML-based standard for exchanging authentication and authorization data between security domains. SAML is a product of the OASIS Security Services ...
CSOonline

How SAML works and enables single sign-on

What is SAML and what is it used for? The Security Assertion Markup Language (SAML) is an open standard that allows security credentials to be shared by multiple computers across a network. It ...
Bleeping Computer

Golden SAML Attack Lets Attackers Forge Authentication to Cloud Apps

A new technique called "Golden SAML" lets attackers forge authentication requests and access the cloud-based apps of companies that use SAML-compatible domain controllers (DCs) for the authentication ...
CSOonline

Samlify bug lets attackers bypass single sign-on

A critical vulnerability in the popular samlify library could potentially allow attackers to bypass Single Sign-On (SSO) protections and gain unauthorized access to systems relying on SAML for ...