Join Us at Oktane 2025! September 24-26 | Caesars Palace, Las Vegas | Booth S6

Want to learn the best practice for configuring Chromebooks with 802.1X authentication?

Sign up for a Webinar!
INSIGHTS & UPDATES

SecureW2 Blogs

Stay informed with expert insights, best practices, and the latest developments in network security, identity management, and SecureW2 product updates.

JoinNow 8.0: Adaptive Defense, ACME for Server Certs, and More!

Trust rules how the world works. It’s the foundation of personal relationships, how we choose who to do business with, and how we grant people (and now non-human identities) access to critical systems and information. Despite how important it is, ... Read More

Read More
When Static Trust Becomes a Backdoor: Lessons from the 2025 SharePoint ToolShell Exploit

In July 2025, a widely exploited zero-day vulnerability, CVE-2025-53770 & 53771, named ToolShell, hit on-premises Microsoft SharePoint Server systems, triggering a large-scale compromise. The ToolShell exploit gave attackers unauthenticated remote code execution in on‑premises SharePoint by chaining a spoofed Referer ... Read More

Read More
How To: Enabling Safe GenAI Access on Unmanaged Devices and Corporate Wi-Fi

Generative AI (GenAI) tools such as ChatGPT, Claude, and GitHub Copilot have become integral to the workplace and are used by employees as productivity tools. Banning new tech doesn’t work; it drives adoption underground and fuels shadow IT. The genuine ... Read More

Read More
Securing Identity-less Infrastructure and Userless Agents

The security landscape is profoundly transforming as AI and cloud-native technologies reshape organizations’ operations. Today, infrastructure consists of identity-less components such as containers, serverless functions, and ephemeral compute instances that simply run without logging in as traditional users do. Alongside ... Read More

Read More
The Password That Collapsed a Company: What We Can Learn from the KNP Logistics Ransomware Attack

“A ransomware attack on the group’s IT systems had such a devastating impact that the group concluded it could not continue to trade,” – BBC KNP Logistics (formerly known as Knights of Old), one of the UK’s largest privately owned ... Read More

Read More
Launching Certificate-Based Security Shouldn’t be Intimidating

“Global spending on information security and risk management is expected to grow 14.3% in 2025 to reach $212 billion.” Source: Gartner Press Release, August 28, 2024 Implementing strong network security is essential. But, necessary is also complex since deploying and ... Read More

Read More
5 Million Unsecured Wi-fi Networks: Why We’re Still Failing at Basic Network Security

As of 2025, more than 5 million unsecured Wi-Fi networks are active worldwide. Schools, hotels, small businesses, and even enterprise guest networks continue to rely on open or shared-password Wi-Fi. Organizations often assume their guest or open Wi‑Fi is fully ... Read More

Read More
Certificate Pinning vs. Device Attestation

Certificate pinning is widely used in networks to establish trust between client devices and servers. However, with enterprises shifting to dynamic BYOD and device trust policies, certificate pinning alone does not suffice to secure networks. Pinning merely validates the server, ... Read More

Read More
What is the difference between MITM and AITM?

A traditional Man-in-the-Middle (MITM) attack primarily involves an attacker passively intercepting a communication channel to eavesdrop or steal static credentials, such as passwords. The Adversary-in-the-Middle (AITM) attack takes this a step further. Instead of just listening, the attacker actively sets ... Read More

Read More
Apple Managed Device Attestation Explained

Apple introduced Managed Device Attestation (MDA) to give organizations stronger assurance about the devices they authorize for access. Device Trust, which identifies devices managed by your organization and ensures they comply with security policies, is a foundational part of Zero ... Read More

Read More
Understanding Authentication Strengths in Conditional Access

As cyberattacks become more targeted and identity becomes the core of security strategy, IT administrators are rethinking how users authenticate to sensitive resources. Organizations widely adopt Multi-Factor Authentication (MFA) to mitigate the risks of compromised passwords; however, increasingly sophisticated phishing ... Read More

Read More