We unmistakably understand security is a continuous, diligent process — which also underpins our ethos at LoginRadius. Our InfoSec team continuously works to ensure a robust security posture by working on various InfoSec compliance frameworks and programs that assure data security and enable continuous trust with our customers. In the last couple of years, we re-engineered LoginRadius CIAM to deliver a highly-scalable, more robust identity platform for our customers whose growing end-user interactions needed enterprise scalability and reliability to serve seamless experiences, implying that we also need to be aware of a security paradox:
We’re knowledgeable of and diligent about this paradox, needing our InfoSec team to creatively work parallelly to comply with various security frameworks and ensure a comprehensive, robust security posture throughout the organization and for our customers. Comprehensive Security with ISO 27001, 27017, and 27018We implement important security standards set by ISO that are highly relevant to us, like ISO 27001, ISO 27017, and ISO 27018, so that we can demonstrate the quality of our security policies, methodologies, and infrastructure. In 2022, we again completed external audits without shortcomings to ensure our re-engineered platform’s security aligns with industry-wide recognized standards. SOC2 Type 2 AuditWe have conducted a SOC2 Type 2 external audit to ensure that our security controls have been effective and producing the results we intended without lags. Penetration TestingAs part of our recurring annual activities, we have successfully performed external penetration testing in multiple phases utilizing manual and automated techniques. This has furthered our efforts to ensure LoginRadius’s security posture is robust and highly defensible. Bug Bounty ProgramWe have been actively engaging with the broader security community through our bug bounty program, instilling trust in our customers and stakeholders that we won’t leave any stone unturned when it comes to the security and integrity of our organization. Further on InfoSecIn addition to some major InfoSec compliances, external audits, and bounty programs, our team has worked closely on various other areas:
ConclusionWe have taken significant strides in fortifying our security posture in 2022, almost perfectly supporting and complementing our re-engineering of the LoginRadius CIAM platform. Overall, the InfoSec team has diligently ensured that the security controls and methodologies are effective. At LoginRadius, we remain committed to staying current and compliant with the latest security standards to provide customers with the best possible experience while ensuring their data is secure. Originally published at LinkedIn
2020-2022: How We Fortified LoginRadius’s Security Posture?
We unmistakably understand security is a continuous, diligent process — which also underpins our ethos at LoginRadius. Our InfoSec team continuously works to ensure a robust security posture by working on various InfoSec compliance frameworks and programs that assure data security and enable continu
https://bit.ly/3zENVYa https://guptadeepak.com/content/images/2023/04/loginradius-security-posture-build.png https://deepakguptaplus.wordpress.com/2023/04/08/how-we-fortified-loginradiuss-security-posture/
0 Comments
Twitter is one of the world's most popular social media platforms, with over 368 million monthly active users. The platform has been used to share news, information, and opinions on various topics. However, the inner workings of Twitter's algorithm have been a mystery to many users. Twitter has tried to be more transparent about its algorithm in recent years. In 2017, the company released a blog post outlining its algorithm's basic principles. However, the details of the algorithm have remained largely unknown. In 2023, Twitter announced that it would be making its algorithm open-source. This means anyone can now view the code that powers Twitter's algorithm. This is a significant development, as it allows users to understand better how their content is ranked and displayed. What is Twitter's algorithm? Twitter's algorithm is a complex system that considers various factors when ranking and displaying content. These factors include:
The algorithm is constantly being updated to improve the user experience. For example, in 2018, Twitter announced that it would give more weight to "quality" content. This means users are likelier to see high-quality, informative, and engaging content. Why is Twitter's algorithm important? Twitter's algorithm is crucial because it determines what content users see. The algorithm can be used to promote certain types of content over others. This can have a significant impact on the spread of information and ideas. For example, if the algorithm is biased towards certain types of content, it can lead to a "filter bubble" where users only see content that confirms their existing beliefs. This can be dangerous, making people more polarized and less open to new ideas. Open-source algorithmsThe move was announced by Twitter's CEO Elon Musk, who had previously polled his followers about whether they wanted to see the algorithm's inner workings.
The decision to open-source the algorithm is expected to bring more transparency and accountability into Twitter's functions and help researchers and developers understand how the platform curates and ranks content for its users. The recommendation algorithms code have released on GitHub.
GitHub – twitter/the-algorithm: Source code for Twitter’s Recommendation Algorithm
Source code for Twitter’s Recommendation Algorithm – GitHub – twitter/the-algorithm: Source code for Twitter’s Recommendation Algorithm
![]() According to Twitter's blog post, the algorithm has three main stages: candidate sourcing, ranking, and filtering. Candidate sourcing is the process of fetching the best tweets from different sources, such as accounts that a user follows (in-network) or accounts that a user does not follow (out-of-network). The algorithm uses various models to predict how likely users are to interact with a tweet or an account based on their previous engagements and interests. The goal is to make the "For You" timeline a mix of 50% in-network and 50% out-of-network tweets. Ranking is the process of scoring each tweet using a machine learning model that considers thousands of features, such as the tweet's content, popularity, recency, and relevance. The algorithm also labels each tweet with a category, such as news, entertainment, sports, etc. The ranking aims to optimize for positive engagement, such as likes, retweets, and replies. Filtering applies heuristics and filters to remove tweets unsuitable for display on the timeline, such as tweets from blocked users, NSFW content, or duplicate tweets. The algorithm also tries to ensure diversity and balance on the timeline by limiting the number of tweets from the same account or category. Implications of Twitter's open-source algorithm The release of Twitter's open-source algorithm is a significant development. It allows users to understand better how their content is ranked and displayed. This can help users to improve the chances that a wider audience will see their content. The algorithm's release does not mean that users can fully control what they see and do on Twitter. Twitter's open-source algorithm is a rare example of a significant tech company sharing its core technology with the public. It could potentially inspire other platforms to follow and offer more transparency and control to their users. It could also enable researchers and developers to study and improve the algorithm's performance and impact on society.
Overall, the release of Twitter's open-source algorithm is a positive development. It allows users to understand better how the platform works and to improve the chances that a wider audience will see its content. However, it is essential to note that the algorithm is still complex, and there is still much that we do not know about it. https://bit.ly/3Kw2IL1 https://images.unsplash.com/photo-1611605698335-8b1569810432?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=MnwxMTc3M3wwfDF8c2VhcmNofDl8fHR3aXR0ZXIlMjBjb2RlfGVufDB8fHx8MTY4MDU2MzYzMQ&ixlib=rb-4.0.3&q=80&w=2000 https://deepakguptaplus.wordpress.com/2023/04/04/revolutionizing-social-media-twitters-open-source-algorithm/ Lazy registration is a process allowing users to start using a website or app without creating an account first. Instead, they can try out the site or app and decide later if they want to register. This can be a great way to encourage users to try out your site or app, as they don't have to commit to anything immediately. Benefits of lazy registrationLazy registration is a design pattern that defers asking users to register until it’s absolutely needed, such as when they want to perform an action that requires an account. There are several benefits to using lazy registration on your website or app.
How to implement lazy registrationDepending on your needs and preferences, there are different ways to implement lazy registration on your website or mobile app. Here are some best methods:
Tips for successful lazy registrationWhen implementing lazy registration, there are a few things you can do to make it successful. First, ensure your site or app is easy to use and navigate. This will make it easier for users to find the information they need and to take the next step in the registration process. Second, make sure that your call to action is clear and concise. Tell users what they must do to register and what they'll get out of it. Third, offer a variety of ways for users to register. This could include a traditional registration form, a social login feature, or a guest mode. Fourth, make sure that your registration process is secure. Use a secure form and store user data in a safe place. Fifth, test your lazy registration process before you launch it. Ensure that it works properly and that users can easily register for your site or app. ConclusionLazy registration can be a great way to encourage users to try out your website or app and to collect more data about your users. Passwordless and social login are couple of the quick way to implement and utilize the benefits. When implemented correctly, it can help to improve user experience and to increase sign-ups. https://bit.ly/40MUWBY https://images.unsplash.com/photo-1581081536310-c88f076b4ac4?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=MnwxMTc3M3wwfDF8c2VhcmNofDEzfHxsYXp5fGVufDB8fHx8MTY4MDQ1MDA3MQ&ixlib=rb-4.0.3&q=80&w=2000 https://deepakguptaplus.wordpress.com/2023/04/03/effortless-sign-up-with-lazy-registration/ IntroductionA hashing algorithm is a mathematical function that takes an input (like a piece of text or a file) and converts it into a fixed-length string of characters, usually numbers or letters. This string called a "hash," is like a unique fingerprint for the input. Hashing algorithms are designed to be fast and produce unique hashes for different inputs. They are used in various applications, such as checking data integrity, securing passwords, and organizing data. A good hashing algorithm should:
Popular hashing algorithmsHere are some common types of hashing algorithms:
Pros:
Cons:
2. SHA-1 (Secure Hash Algorithm 1)
Cons:
3. SHA-256 (Secure Hash Algorithm 256-bit)
Cons:
4. bcrypt
Cons:
5. Argon2
Cons:
The choice of hashing algorithm depends on the specific use case, security requirements, and performance considerations. Modern algorithms like bcrypt or Argon2 are recommended for critical applications such as password security. For general-purpose hashing, where security is less of a concern, faster algorithms like SHA-256. How do hashing algorithms workHere's a high-level overview of how hashing algorithms work:
Some fundamental properties of a good hashing algorithm include the following:
Applications of hashing algorithmsHashing algorithms have several critical use cases across various domains, including: Password Storage and Verification: Hashing algorithms commonly securely store and verify user passwords. When a user creates a password, the password is hashed, and the hash is stored in the database. When the user attempts to log in, the entered password is hashed again, and the resulting hash is compared to the stored hash. This ensures that the actual password is never stored in plain text. Data Integrity: Hashing algorithms can verify data integrity by generating a unique hash for a given piece of data. When the data is transferred or stored, the hash can be recalculated and compared to the original to ensure the data has not been altered or corrupted. Data Indexing and Lookup: Hashing algorithms are used in data structures like hash tables to index and look up data quickly. By generating unique hashes for input data, the data can be efficiently stored and retrieved using the hash as the key. Proof-of-Work Systems: In blockchain and cryptocurrency technologies, hashing algorithms are used in proof-of-work (PoW) systems to validate new blocks and maintain consensus in the network. Miners must find a hash that meets certain conditions, which requires significant computational effort to ensure the security and stability of the blockchain. Cryptographic Applications: Hashing algorithms are used in various cryptographic applications, such as digital signatures, message authentication codes (MACs), and key derivation functions. In these scenarios, hashing provides a unique and secure input data representation. Deduplication and Data Compression: Hashing algorithms can identify duplicate data and perform data compression by comparing the hashes of different data elements. If two data elements have the same hash, they are considered identical, allowing the system to store only one copy and save storage space. Digital Forensics and Malware Detection: In digital forensics and cybersecurity, hashing algorithms can identify known malicious files or detect changes in system files by comparing their hashes to known good or bad hashes in a database. The versatility and unique properties of hashing algorithms make them an essential tool in various security applications. Security of hashing algorithmsHashing algorithms are considered secure when they possess specific properties that make them resistant to attacks and ensure the confidentiality, integrity, and authenticity of the data they process. Here are some fundamental properties that contribute to the security of hashing algorithms: One-Way Function: A secure hashing algorithm should be a one-way function, meaning it's computationally infeasible to reverse-engineer the input data from its hash. This property ensures that even if attackers gain access to the hash, they cannot easily determine the original data or password. Collision Resistance: A secure hashing algorithm should have a low probability of producing the same hash for two different inputs. This property, called collision resistance, makes it extremely difficult for an attacker to find two distinct inputs that produce the same hash, potentially compromising the data's integrity or authenticity. Avalanche Effect: A secure hashing algorithm should exhibit the avalanche effect, which means that a slight change in the input results in a significant change in the output hash. This property ensures that similar input data will produce vastly different hashes, making it harder for an attacker to guess the input based on the hash. Fast and Efficient: A secure hashing algorithm should be fast and efficient to compute for legitimate users and applications but slow enough to deter brute-force attacks where an attacker attempts to guess the input by trying numerous possibilities. Resistance to Preimage Attacks: A secure hashing algorithm should resist preimage attacks, where an attacker tries to find an input that produces a specific target hash. Given only its hash, this property ensures that it's computationally infeasible to find the original input data by brute force or other means. Resistance to Length Extension Attacks: A secure hashing algorithm should resist attacks. An attacker can append additional data to the input and compute the new hash without knowing the original input. This property is crucial for maintaining data integrity and preventing unauthorized modifications. When a hashing algorithm possesses these properties, it is considered secure and can be used for various applications such as data integrity, password storage, and cryptographic purposes. The latest developments are always happening in cryptography and hashing algorithms, as new weaknesses or vulnerabilities in existing algorithms may be discovered over time, and more secure alternatives may become available. ConclusionIn conclusion, hashing algorithms are essential in cyber security and cryptography, providing unique fingerprints for input data through mathematical functions. They play a crucial role in various applications, such as ensuring data integrity, securely storing passwords, digital signatures, and data indexing. A secure hashing algorithm possesses properties like one-way functionality, collision resistance, and the avalanche effect, making it resistant to attacks and suitable for sensitive applications. As the field of cryptography evolves, it's vital to stay informed about the latest developments and choose the appropriate hashing algorithm based on the specific use case, security requirements, and performance considerations. https://bit.ly/40RIX5Y https://guptadeepak.com/content/images/2022/11/hashing-algorithm-deepak-gupta-com.jpeg https://deepakguptaplus.wordpress.com/2023/03/31/understanding-hashing-algorithms-a-beginners-guide/ In the last couple of years, we re-engineered our CIAM platform to consistently deliver enterprise-grade scalability, throughput, availability, and stability. This was much needed as some of our largest customers have been serving massive user bases for whom seamless and responsive experiences were paramount. In this transition, the DevOps team has pushed boundaries to improve the infrastructure, availability, and scalability, supporting our platform re-engineering efforts and thus delivering a highly performant CIAM platform. Here, I write about the DevOps team’s journey, invaluable contributions, and memorable achievements. Zero-Downtime UpgradesThere are no two ways about it: We don’t like downtimes, and avoiding them is our priority, so we need to be technically strong with the DevOps fundamentals while incorporating cutting-edge technologies and creative engineering. Firstly, our DevOps team has prioritized upgrades with zero downtime, as this approach benefits our customers immediately as well as in the long term. We extensively use Kubernetes to deploy, manage, and orchestrate our application and container infrastructure. And new Kubernetes versions are released every four months with security and performance improvements. For this, our team has devised an upgrade procedure with robust automation, which resulted in upgrading our Kubernetes clusters to the latest version with zero downtime. Secondly, our biggest customers have had some events with unpredictably heavy application loads. As our customers communicated these events timely and relied on us to deliver seamless scalability and throughput, we diligently worked with them to provide zero-downtime elastic scalability with efficient cost optimization. The team’s efforts are supported by our earlier rebuilding of APIs in Golang, about which our Lead Architect Vijay Singh has written thoroughly: Why We Re-engineered LoginRadius APIs with Go? Security EnhancementsPerformance upgrades and zero-downtime efforts are easily perceivable; however, we know that security efforts should be second to none. While our customers want us to deliver cutting-edge performance for their identity use cases, we help them trust us with robust security and data compliance measures. Firstly, as a CIAM platform provider, it’s common for us or for our customer endpoints to get malicious traffic. To improve malicious IP address blocking, we have automated blocking at the proxy level based on real-time analysis utilizing factors like HTTP response codes and IP malicious score — blocking bad actors incredibly early without letting them degrade API and infrastructure performance. Secondly, we have thoroughly reviewed the security posture of various multi-cloud platforms and services. We have moved away from services that didn’t meet our security levels and incorporated much more secure and robust services. All these efforts have helped us successfully complete a third-party penetration testing and provide compliance reporting for ISOs and SOC2 with no shortcomings. New Infrastructure for Disaster RecoveryAs our application loads grew, we soon realized that relying on Kubernetes for failover has some downsides. Keeping the control plane up to date became tedious, and the team soon discovered that one region's API degradation was affecting another region's traffic since it was the failover for the first region. After much discussion and research, we decided to work on a completely new DR infrastructure utilizing AWS Elastic Container Service to create a solution to completely isolate region-specific traffic and degradation. With this approach, the team re-architected the DR setup at minimal cost and achieved better resilience. Also, we have successfully completed the yearly disaster recovery execution, achieving an impressive 30% improvement in the time it takes to restore various components of the architecture. Through careful planning and execution, we have streamlined the disaster recovery process, ensuring critical systems can be brought back online as quickly as possible when extreme events occur. Further DevOps ImprovementsWe have worked on many other processes and objectives, including: Incident Management Handbook: We recently introduced a thoroughly improved incident management handbook that provides comprehensive guidance for various actions based on alerts. The handbook serves as a single point of reference and contains detailed information on handling specific alerts. The team's proactive efforts in creating the handbook have significantly reduced the time taken to onboard new site reliability engineering (SRE) members to just a couple of days from a few weeks. The handbook has proven to be a valuable resource for the team, providing the necessary information and tools to manage and mitigate incidents effectively. Fully Automated Custom Domain/SSL Pipeline: Our existing custom domain pipeline had code complexities and could only create or renew certificates every six hours. This led to certificate synchronizing issues across all proxy servers in the old architecture, making it hard to detect if sync didn't happen. In response to this challenge, we architected and implemented a fully automated custom domain and SSL pipeline from the ground up. The new system has significantly reduced the time it takes to create or renew certificates, bringing it down to just 15 minutes. With the new pipeline, certificates synchronize automatically across all proxy servers instantly. Additionally, an alerting system has been implemented to notify us of any sync failures. The ResultsThe DevOps team's efforts have been monumental in extensively supporting our re-engineering efforts. All this has given us competitive performance, reliability, and cost-effectiveness advantages that our customers have been so satisfied with — and helped us scale our platform to support 100k RPS (requests per second) and beyond if the need arises. ConclusionOverall, the LoginRadius DevOps team’s efforts and achievements have exceeded expectations, resulting in a highly performant CIAM platform that meets customers' demands for scalability, stability, and security. Originally published on LinkedIn
2021-2022: How LoginRadius’s DevOps Delivered Beyond Expectations?
In the last couple of years, we re-engineered our CIAM platform to consistently deliver enterprise-grade scalability, throughput, availability, and stability. This was much needed as some of our largest customers have been serving massive user bases for whom seamless and responsive experiences were
https://bit.ly/3Jrk6A8 https://guptadeepak.com/content/images/2023/03/guptadeepak-devops-learnings.png https://deepakguptaplus.wordpress.com/2023/03/09/2021-2022-how-loginradiuss-devops-delivered-beyond-expectations/ In today's digital world, our digital identities are becoming increasingly important. We use them to access services, purchase goods, and interact with others. However, many of us are unaware of the risks associated with our digital identities and how to protect them. This is where Bring Your Own Identity (BYOI) comes in. BYOI is a concept that empowers individuals to take control of their digital identities and protect them from misuse. The benefits of BYOI are numerous. It increases security, improves privacy, and gives users greater control over their digital identities. It also provides more convenience, as users can access their digital identities from any device. In this article, I will discuss what digital identity is, what BYOI is, and the benefits of BYOI. What is Digital Identity?Digital identity represents a person's identity in the digital world. It can include a person's name, address, phone number, email address, social media accounts, and other online activity. Digital identity can also include biometric data, such as fingerprints and facial recognition. There are two types of digital identities: static and dynamic. Static digital identities are unchanging and are used to identify individuals. Examples of static digital identities include Social Security and driver's license numbers. Dynamic digital identities are constantly changing and are used to authenticate individuals. Examples of dynamic digital identities include passwords, PINs, and security questions. What is BYOI?BYOI stands for Bring Your Own Identity. It is a secure and convenient way for individuals to manage their digital identities. It allows users to create, store, and work their digital identities in a safe environment and provides the tools to protect their identities from misuse. At its core, BYOI gives users control over their identity. Organizations can reduce the cost and complexity of managing user identities by allowing users to authenticate their identity with their device or identity provider. Additionally, BYOI can provide organizations with a more secure authentication process, as users can establish their identity with a device or identity provider they trust. BYOI works by allowing users to create a secure digital identity that is stored in a safe environment. This identity can then be used to access services and make purchases. The essence is protected by encryption, and users can easily revoke access to their identity if needed. How to Implement BYOIImplementing BYOI is relatively straightforward. Organizations can use existing identity management systems to create and manage digital identities, or they can create their own systems. Once an identity is created, users can access it from any device, and can easily revoke access if needed. So, how can organizations implement BYOI? The first step is to identify the appropriate identity provider for your organization. This could be a third-party identity provider, such as Google or Microsoft, or an in-house identity provider, such as a biometric device. Once you have identified the appropriate identity provider, you will need to configure the identity provider to authenticate users. This could include setting up a user directory, configuring authentication protocols, and setting up access control policies. Once the identity provider is set up, organizations must implement the BYOI model. This could include setting up authentication protocols, such as two-factor or access control policies. Additionally, organizations should ensure that their BYOI model is secure by implementing security measures like encryption and multi-factor authentication. Finally, organizations should ensure that their BYOI model is user-friendly. This could include providing users with clear instructions on how to authenticate their identity and access to support resources, such as FAQs or tutorials. Additionally, organizations should ensure that their BYOI model is accessible to all users, regardless of their device or identity provider. Bring Your Own Identity (BYOI) is an increasingly popular security model allowing users to authenticate their identity with their device or provider. By implementing BYOI, organizations can reduce the cost and complexity of managing user identities while providing a more secure authentication process. To successfully implement BYOI, organizations should identify the appropriate identity provider, configure the identity provider, implement the BYOI model, and ensure that their BYOI model is user-friendly and accessible to all users. Benefits of BYOIBYOI provides numerous benefits to users. It increases security, improves privacy, and gives users greater control over their digital identities. It also offers more convenience, as users can access their digital identities from any device.
ConclusionBYOI is a secure and convenient way for individuals to manage their digital identities. It allows users to create, store, and work their digital identities in a safe environment and provides the tools to protect their identities from misuse. The benefits of BYOI are numerous, including increased security, improved privacy, increased control, and convenience. BYOI is an essential tool for individuals to take control of their digital identities and protect them from misuse. https://bit.ly/3ZMVN4S https://guptadeepak.com/content/images/2023/03/bring-your-own-identity.png https://deepakguptaplus.wordpress.com/2023/03/07/byoi-empowering-individuals-to-take-control-of-their-digital-identities/ In 2022 alone, LoginRadius CIAM platform has undergone major changes as we focused on re-engineering our platform to deliver cutting-edge performance, scalability, and throughput — which we needed to deliver for our customers who had large bases of end users for whom seamless experiences supported by lightning performance was mostly non-negotiable. The changes and upgrades in 2022 were needed due to the challenges we faced in 2019 and later; for which, by 2021, we did root cause analysis, thorough research, and strategically planned high-quality upgrades. In this process, we needed to transform our QA systems, processes, and workflows. I wrote earlier about this engineering transformation at LoginRadius: 2022 – A Year of Engineering Resilience at LoginRadius. Here, I write about how we transformed QA to support engineering efforts and deliver a more robust and efficient platform free of production issues for our customers. Reworking Test CoverageWhile doing the root cause analysis in 2021, we also identified that work on test coverage was required to meet the increased demand and ultimately lead to better user experience and customer satisfaction. Additionally, we planned test coverage extension to ensure that APIs movement from .Net Core to Go Lang does not introduce regressions. In phase one, we enhanced test coverage across all LoginRadius components, including HPA, IDX, and Admin-Console. And we then added new test cases for the identified gaps and new scenarios. This improvement provided optimal test coverage and helped us reduce the risk of issue leakage. Advancing AutomationAutomation testing has always been part of quality assurance at LoginRadius. However, increased demand and the need for faster release cycles called for the advancement of existing automation capabilities. We made notable improvements in automating testing for customers' sites and various product components like webhooks, auth APIs, and audit logs for HPA APIs. Also, to remarkably reduce manual efforts and cumbersome maintenance, we migrated customer site automation from Katalon Studio to Cucumber BDD. This advancement enhanced the automation capabilities and reduced the product’s release time. Executing Parallel PipelineEarlier, our test cases ran in parallel, but we executed jobs in CI/CD pipelines sequentially. Thus, the time involved in release verification was higher. In the year 2022, we added more runners and separate apps for every job in test suites and reduced CI/CD pipeline execution time by more than 50%. This execution improved our testing efficiency and helped us deliver faster product releases. Streamlining Test Case ManagementWhile planning and executing the above strategies, we realized that existing test case management and cross-browser testing solutions required an upgrade for better performance and scalability. To fulfill these requirements, we opted for our new tools – Testmo and LambdaTest after extensive research and POCs. These changes have brought several benefits to the product, including more effective test case management that streamlines the overall testing process and enables geo-location execution for test scripts. The ResultsAll of our continuous efforts, strategic rethinking, gap-finding analysis, and deeper involvement in optimizing the quality assurance of our platform have resulted in the following:
In ConclusionIn conclusion, 2022 was a year of significant transformation in quality assurance at LoginRadius. These changes have helped to deliver a more robust and efficient platform for customers, ultimately contributing to their satisfaction and success. Originally published at LinkedIn
2022: A Year of Significant QA Transformation at LoginRadius
In 2022 alone, LoginRadius CIAM platform has undergone major changes as we focused on re-engineering our platform to deliver cutting-edge performance, scalability, and throughput — which we needed to deliver for our customers who had large bases of end users for whom seamless experiences supported b
https://bit.ly/3ItV0Pg https://guptadeepak.com/content/images/2023/02/2022-qa-at-loginradius.png https://deepakguptaplus.wordpress.com/2023/02/23/2022-a-year-of-significant-qa-transformation-at-loginradius/ The question of whether Artificial Intelligence (AI) can write an emotional poem or song is a complex one. AI has become increasingly influential in recent years and can perform various tasks, but can it create something as complex and personal as a poem or song? AI can certainly create lyrics and musical notes that fit together to create something resembling a song, but can it create something truly emotional? The answer is yes, but only to a certain degree. While AI can generate words and musical notes that fit together to produce something resembling a poem or song, it cannot create something that conveys genuine emotion. For example, a computer may generate a poem with a specific structure and a certain rhythm but cannot capture the emotion and feel behind the words. AI can also generate musical notes that sound like a song but cannot create the emotion and feeling behind the notes. For AI to create a genuinely emotional poem or song, it would need to understand and interpret the nuances of human emotion. This is a difficult task, as AI does not have the same level of understanding of the complexities of human emotion that we do. AI may be able to generate words and music that fit together to create something resembling a poem or song, but it will not convey the same level of emotion as a human can. Can AI Write an Emotional Poem or Song? Humans have been writing poems and songs for centuries, but could artificial intelligence (AI) ever be capable of producing something that has an emotional quality? This article will explore the potential of AI to write a poem or song with a humorous tone. The Possibilities of AI AI has come a long way in recent years, and it can now perform many tasks that were once thought impossible. AI can recognize objects, understand natural language, and play complex games. So, could AI be used to write a poem or song with a humorous tone? AI and Creative Writing AI is not yet capable of producing creative works on its own, but it can be used to help humans in the creative process. AI can be used to generate ideas, suggest word choices, and even provide feedback on the quality of a poem or song. AI and Humor Humor is one of the most challenging things for AI to understand and replicate. AI can recognize jokes and other forms of humor, but it cannot produce original jokes or humorous content. However, AI can help humans creatively by suggesting words and phrases that could add humor to a poem or song. Conclusion AI can, however, be used to assist humans in creating emotional poems and songs. AI can be used to generate words and musical notes that fit together to create something that resembles a poem or song, and then it can be up to the human to refine the poem or song and add emotion and feeling. AI can also suggest changes to the poem or song that may make it more emotionally powerful. In conclusion, while AI cannot create a genuinely emotional poem or song, it can be used to assist humans in creating one. AI can generate words and music that fit together, and then it is up to the human to refine the poem or song and add emotion and feeling. AI can also suggest changes to the poem or song that may make it more emotionally powerful. https://bit.ly/3Z2bNjh https://images.unsplash.com/photo-1535378917042-10a22c95931a?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=MnwxMTc3M3wwfDF8c2VhcmNofDEzfHxodW1hbiUyMEFJfGVufDB8fHx8MTY3NjkxNDczMw&ixlib=rb-4.0.3&q=80&w=2000 https://deepakguptaplus.wordpress.com/2023/02/20/can-ai-write-an-emotional-poem-or-song/ Back in 2018, our product, engineering, infrastructure, and customer teams were a happy bunch — the LoginRadius CIAM platform has evolved a lot in the previous years. It is ready to scale, serve, and support the needs of some of the biggest retail and consumer-facing brands in the world. From 2019, the strength and capabilities of the CIAM platform enabled us to onboard some of the biggest brands we have ever worked with. From then, things got a bit complicated — like a plot twist in your favorite story: the platform was not performing as expected in terms of scalability and latency, and it was difficult to believe we weren’t delivering up to the standards I had set for ourselves. 2020: Why LoginRadius CIAM Struggled to Deliver Cutting-Edge Performance?From the first day we started working on LoginRadius, we knew that performance was the Achilles heel for our customers who run consumer-facing applications. In a world where brands like Amazon, Google, and Netflix have pushed the bar for end-user experience, we wanted to enable our customers’ brands globally to deliver similar experiences to their end users, which is so fundamental to LoginRadius. After we onboarded some of the bigger brands, special business situations and use cases caused engineering issues we had never observed before, thanks to the scale and demands of the workloads and requirements we were dealing with. We faced performance lags in terms of scalability and latency. To address this, firstly, we launched a comprehensive root cause analysis (RCA) that surfaced sub-optimal processes and mechanisms in terms of time-to-release, automation, and legacy complexities. The finding from the RCA has challenged our assumptions and helped us remap our priorities: No matter what, our platform has to deliver excellence for our customers of all sizes. 2021: An Year of Engineering ResolveWe are a world-class engineering team. Since its inception, engineering problems have intrigued us — in fact, that’s how LoginRadius was born. And the time has come again to test our resolve and dedication: how do we re-engineer the LoginRadius CIAM Platform delivers a high-throughput, low-latency, and lightning-fast end-user experience? One discussion I had strikingly comes to mind: our platform is already the strongest technological offering in the market. So, we created the strongest platform — yet that isn’t meeting our standards. If we’re going to deliver something much better, our engineering team is the one to rebuild it. ![]() We initiated research and auxiliary processes to discover opportunities, analyze technologies, strategize platform re-engineering, and plan required upgrades. In this phase, we focused and worked confidently with commitment yet cautiously. We knew, as with the stock investments corollary, past performance is not a precise indicator of future performance. Likewise, the technology world has changed so much, and our ability to unlearn, relearn, and solve complex engineering problems was put to the test. 2022: An Year of Engineering Resilience and High-Performance OutcomesAs we researched and planned a strategy to upgrade our CIAM platform, we focused on four key areas: platform architecture, underlying technologies, automation, and process improvements. For each focus area, we achieved the following outcomes. Improving Scalability and LatencyAPIs are fundamental to our CIAM platform and how we deliver core services to customers. In order to achieve breakthrough scalability and ultra-low latency, we started by focusing on upgrading the performance of our APIs. The then-existing APIs were built with .NET Core, whose performance and infrastructure usage was not satisfactory with respect to the scale of requests. To solve this, we concluded through research that we must rebuild our APIs with Go Lang. Our lead architect Vijay Singh Shekhawat has written an excellent account of this transition: Why We Re-engineered LoginRadius APIs with Go? In addition to the high-performance API upgrades, we made a lot of minor improvements to the platform and deprecated legacy technologies with modern, performance-focused technologies. Optimizing Complexities in Our Processes and PlatformPreviously, we employed a sequential development approach for individual components to create a specific feature. This approach often resulted in delays and hindered progress, as roadblocks or issues in any component would block each other and require multiple iterations to address missing or updated elements. This resulted in longer-than-anticipated development times and subpar quality. However, we have now adopted a parallel development approach, where all components of a feature are developed simultaneously, and any missing or updated elements are addressed in real-time. This allowed us to release all components of a feature at the same time, ensuring greater efficiency and higher quality outcomes. Leveraging AutomationThe existing level of automation wasn’t enough for the speed at which we wanted to develop new features and address existing performance lags. We rigorously worked on automation that resulted in 99% automation in our test cases for APIs and the LoginRadius platform, along with other minor workflows. It helped us deliver new releases and improvements faster, which also meant we could accommodate additional customer requirements on the fly within a defined scope. The ResultsAll of our continuous efforts, strategic rethinking, and deeper involvement in re-engineering our platform have resulted in the following:
All the engineering efforts have led to remarkable improvements in our identity platform, including increased concurrency and throughput, allowing us to quickly handle high volumes of end-user requests and traffic. Another outcome of this re-engineering process has been a 40% reduction in infrastructure costs, showcasing our commitment to optimal engineering while delivering cutting-edge capabilities to our customers cost-efficiently. As a testament to our progress, the latest analysis from Forrester on CIAM (Customer Identity And Access Management, Q4 2022) has reported, “[LogiRadius’s] scale of large deployments is ahead of the competition.” In ConclusionThis transformation has resulted in numerous substantial improvements and has positively impacted our customers and their end users. We continually strive to push the limits of technology and maintain a forward-thinking approach. Originally published on LinkedIn
2022 – An Year of Engineering Resilience at LoginRadius
Back in 2018, our product, engineering, infrastructure, and customer teams were a happy bunch — the LoginRadius CIAM platform has evolved a lot in the previous years. It is ready to scale, serve, and support the needs of some of the biggest retail and consumer-facing brands in the world.
https://bit.ly/3RO1QDJ https://guptadeepak.com/content/images/2023/02/2022---A-Year-of-Engineering-Resilience-at-LoginRadius.png https://deepakguptaplus.wordpress.com/2023/02/09/2022-an-year-of-engineering-resilience-at-loginradius/ Organizations considering digital transformation must consider cybersecurity best practices, including phishing-resistant MFA features, to reinforce their cybersecurity posture. Phishing is one of the most common cybersecurity threats that cause brands to lose millions of dollars yearly and cause damage to business’ reputations. Regular cybersecurity awareness training and leveraging multifactor authentication (MFA) mechanisms could mitigate the risks of credential theft, but many organizations still overlook its importance. Phishing’s Impact on BusinessPhishing uses email messages to trick users into revealing personal or confidential information. But a phishing-resistant mechanism, like MFA, mitigates credential theft risks and account takeover risks. In many cases, employees can be tricked into revealing passwords, installing malware on the company’s network and more. This can result in a lot of damage for companies—especially if their data has been compromised. Every year, businesses lose millions of dollars due to phishing attacks. The best way to protect yourself from phishing attacks is to ensure your employees know how to identify them. Phishing attacks are intended to impact an individual or an organization financially or cause reputational damage. Hence, businesses should ensure they have a stringent information security policy and mechanism. Apart from this, a robust authentication security mechanism like MFA could significantly enhance overall account security. Why are Organizations at Greater Risk Today?Technology has evolved by leaps and bounds, and so have cybercrimes. Attackers are constantly finding new ways to sneak into a business’s network to exploit sensitive data. The problem is that many businesses aren’t aware of the threat they’re facing. In fact, most people don’t realize how easy it is for hackers to gain access to their network—and how much damage they can do once they’re in there. Attackers use a variety of methods to gain access to your company’s network, including phishing scams. If organizations don’t take steps to protect themselves against these attacks, they risk losing valuable information about customers or employees—or worse: Having their entire business brought down by an attack on their servers. Most recently, attackers have targeted employees by sending them phishing emails asking them to share sensitive information or click on a malicious link. If you think this can’t happen to your organization, consider this: About half of all attacks originate within an organization’s network. Employees are often the weakest link in security because they don’t know how to recognize phishing emails and protect against threats like ransomware or spyware. Not only do these types of threats cost companies money, but can also cost them their customers’ trust. MFA’s Role in Minimizing Phishing and Account Takeover RisksIn a world where cybercrime is rampant, MFA provides a strong tool to help mitigate phishing and account takeover risks. MFA confirms a user’s claimed identity by using two or more factors. These factors could include something a user knows (personal information), something a user has (a phone or other device) or something you are (biometrics). MFA can help reinforce overall authentication security by adding multiple authentication layers. If a single layer of authentication, like user credentials, is compromised, another stringent layer protects an account. For example, if an attacker steals your password but does not have the second factor for your system—e.g., a smartphone for one-time password (OTP)—they will not be able to access your account. Hence, by adding another layer of authentication, like a one-time-use code or biometric scan, you can minimize the risk of account takeover and phishing attempts. Incorporating MFA Into Your Systems1. Meeting regulatory compliance There are many benefits of multifactor authentication, but the most crucial is that it helps meet regulatory compliance mandates, which means businesses will be at the least risk of having a data breach. This is especially important in today’s world, where attackers always look for ways to get into systems and steal information. MFA can give organizations peace of mind that they are meeting regulatory compliance requirements. Those organizations that aren’t compliant with data and privacy regulations, including the EU’s GDPR and California’s CCPA, could face legal consequences and lose customer trust. In some cases, businesses may face hefty fines for non-compliance in certain countries and regions. 2. Easy-to-install system that secures remote workforce MFA is an easy-to-install security solution that can secure all an organizations’ workers, including remote workers, against phishing attempts and account takeover attacks. The sudden rise in account takeover cases amid the COVID-19 pandemic was the biggest concern for most organizations that had newly adopted remote work. While most of them adopted stringent mechanisms to protect themselves and their employees, many were more concerned with keeping their business going and relegated cybersecurity to the bottom of their priority list. With MFA, you can ensure that your employees are protected while working remotely, no matter what device they use and what network they are connected to. 3. MFA with SSO offers a great user experience MFA coupled with single sign-on (SSO) helps streamline the user experience, increasing customer trust. SSO is a feature that allows users to enter their credentials once and then uses them across all applications. This means that if you’re using the same username and password for your interconnected platforms, you don’t have to log in again when you switch from one to the other. It’s convenient, easy and secure since MFA provides multiple layers of security, and SSO minimizes the hassle of reentering passwords for different interconnected platforms/applications. ConclusionPhishing is a significant business threat and can lead to financial and reputational damages. And minimizing the risk of credential theft through phishing attacks requires a rigorous defense against credential theft. While many different tactics help prevent phishing attacks, one of the most effective is MFA. It can significantly reduce the risk of account takeover and credential theft when implemented correctly. Originally published at SecurityBoulevard
Minimizing Credential Theft With MFA
Organizations considering digital transformation must consider cybersecurity best practices, including phishing-resistant MFA features, to reinforce their
![]() ![]() https://bit.ly/3j0mMud https://guptadeepak.com/content/images/2023/01/Phishing-Evolving-Threat-770x300.jpg https://deepakguptaplus.wordpress.com/2023/01/24/minimizing-credential-theft-with-mfa/ |
AuthorChristopher Reardon, PhD, is a computer scientist and experimental roboticist. He joined the faculty at the University of Denver in late 2020 as an Assistant Professor in the Department of Computer Science at the Ritchie School of Engineering and Computer Science. Prior joining DU, Dr. Reardon spent over four and a half years as a research scientist at the U.S. Army Research Laboratory, where his research focused on enabling better human-robot teaming for autonomous mobility and maneuver contexts. Dr. Reardon has published over 25 peer-reviewed journal and conference articles to date. He is an IEEE Senior Member. He is actively involved in the greater robotics research community, regularly serving in organizational leadership roles at conferences and workshops. ArchivesNo Archives Categories |