Spring Framework CVE: How it affects FusionAuth (TLDR: It doesn't)
The recent announcement of CVE-2022-22965, where "a Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE)...
April 5, 2022
Categories
Security
Log4j CVE: How it affects FusionAuth (TLDR: It doesn't)
The recent announcement of CVE-2021-44228, which allows for "arbitrary code loaded from LDAP servers when message lookup substitution is enabled" through a...
December 10, 2021
FusionAuth Introduces Advanced Threat Detection to Help Safeguard User Identity
FusionAuth, makers of the complete, developer-focused API-first identity and access management platform, today announced FusionAuth Advanced Threat Detection....
August 24, 2021
FusionAuth Advanced MFA Gives Developers Flexibility, Control in Deploying Authentication Factors
FusionAuth, makers of the complete, developer-focused API-first identity and access management platform, today announced FusionAuth Advanced Multi Factor...
June 8, 2021
Security and privacy risks when implementing an auth system
Given the increase of data beaches in the past few years, it's more important than ever for software engineering leaders to prioritize security, quality...
May 20, 2021
Auth specific scaling challenges
Modern authentication is built on hashing passwords using computationally expensive algorithms. Because of this intense CPU usage, there's a push-pull...
March 11, 2021
Breached password detection best practices
Breached password detection may be the wave of the future, but some third-party solutions are better than others. Performance, flexibility, ease of use, user...
October 19, 2020