In this Help Net Security video, Colin Constable, CTO at Atsign, explains why your identity provider (IdP) has become the kill chain in cyberattacks. Attackers steal session cookies, tokens, or consent grants you’ve already issued and walk in behind you. Constable breaks down how passwords, session cookies, and OAuth grants all rely on shared secrets between browser and server. Even with TLS encryption, intermediaries like CDNs, load balancers, and WAFs can see these credentials in … Continue reading What happens when your identity provider becomes the kill chain