Security / 21 Sep, 2025
Access tokens strike again, the Salesloft Drift breach
Attackers (UNC6395) used stolen Drift OAuth tokens to mass‑query Salesforce, mine embedded secrets (AWS, Snowflake), and pivot into connected platforms.
Why SlashID
Attackers don't break in. They log in.
Identity is the most common vector for data breaches and lateral movement. SlashID allows you to build a secure, compliant, and scalable identity infrastructure.
Identity Protection
Everything you need to manage and secure identities in your organization.
Identity Protection
View, detect and remediate identity events across all your environments.
Visibility/Alerts/Remediations
Identity Threat Detection and Remediation
Identity is the most used attack vector for initial intrusion and lateral movement. Posture management and governance are not enough.
User and NHI Visibility and Management
View the identity map of your entire organization and easily understand ownership and access patterns. Easily enforce least privilege and credential ownership.
Posture and Regulatory Compliance
Comply with regulatory frameworks such as PCI-DSS, SOC2 and others. Obtain ready to use reports and audit-ready access logs.
Security / 31 Aug, 2025
Illicit Consent-Granting & App Backdooring – Obtaining persistence in Entra
Attackers are increasingly targeting Entra ID by silently injecting high-privilege OAuth grants and backdooring enterprise apps—achieving persistence without user interaction.
Security / 8 Jan, 2025
Protecting against malicious OAuth 2.0 applications
Several Chrome extension developers were compromised in recent weeks by an attack seeking to create a backdoor in the extensions.
