A validation bug in how some single sign-on products implemented an open authentication standard could have allowed an attacker to log in to a site or service as though they were the victim they ...

Microsoft next month for the first time will participate in SAML 2.0 interoperability testing using its Geneva platform to test against other vendors' implementations of the open standard identity ...

Microsoft completed its first SAML interoperability test and the results are in: Active Directory Federation Services 2.0 software received a passing grade.

Microsoft's federated identity platform passed its first SAML 2.0 interoperability test; the company previously shunned the protocol for WS-Federation Microsoft’s federated identity platform ...

Security assertion markup language (SAML) is an open standard that defines how providers can offer both authentication and authorization services. Here's what you need to know.

Widely used single sign on implementations could potentially be mis-configured, enabling attackers to easily take over a victim's account.

Instead of targeting the Windows Server Kerberos, a Golden SAML attack leverages the Security Assertion Markup Language 2.0 (SAML) protocol.

Note that these techniques alone do not constitute vulnerabilities in the design principles of federated identity management, the SAML protocol, or on-premises and cloud identity services. The ...

These TTPs are not vulnerabilities in the design of federated identity management, the SAML protocol, or identity services available locally or in the cloud.