FusionAuth

Happy New Year from the FusionAuth team! At every step of 2024 (and before then), our goal has been to do what is best for the hundreds of customers using FusionAuth . . . this is not a New Years resolution, it's a day-to-day determination. This summary of all the great releases and product enhancements from 2024 reflects that determination, and shows hints of even more exciting things that will be coming in 2025! As New Years resolutions are made, reflections on the last year are also in store! https://lnkd.in/gXE2Amzy

We're bullish on the Denver tech scene, and proud to see our CEO Brian Pontarelli recognized as one of Colorado's Rising Startup Stars! “I think we actually have a better system in place than a lot of places, because we don’t focus entirely on these crazy VC rounds and a one in 10 chance. We have a better batting average, better odds. And when you do scale a company here, people are proud of you and the community rallies around you.” https://lnkd.in/gH-efc8T

Happy 1st day of Chanukah and a very Merry Christmas to our teammates, customers, and all! What a unique year, when these two occasions fall on the same day First we reflect on all the great opportunities we have had to come together and creatively solve how to deliver authentication that meets the needs of today's engineering teams (so many fun pictures!) It's a time to express gratitude for working with great people, the opportunity to help innovative teams, and rest so we can become that much better friends, colleagues and family members next year Let the warm celebrations abound 🎄 🕎

Our gift to you? SAML encryption, configurable API security, and of course a #CIAM solution built on open standards. https://lnkd.in/g9mmzX6x

Developers, are you ready to level up your authentication game? 💪 10 essential steps to secure your auth system: 1. Embrace DevSecOps 2. Conduct regular security reviews 3. Implement static code analysis 4. Perform penetration testing 5. Launch a bug bounty program 6. Prevent password reuse 7. Audit access logs 8. Implement brute-force protection 9. Use proper multi-factor authentication 10. Train personnel on phishing We wrote a full article if you'd like a deeper dive below ⤵️ Anything we missed? Let us know in the comments! #CyberSecurity #AuthenticationSecurity #DevSecOps (also super happy we were able to revive the success kid meme for this)

In a perfect world, every developer would understand OIDC, OAuth, and the magic of digital identity. Unfortunately, we don’t live in that world. But here at FusionAuth, we’re doing our part to build it. That’s why we’ve renewed our membership to IDPro®—the professional organization for identity experts. Think of IDPro as the ABA for identity nerds (fewer wigs, more tokens). At FusionAuth, we believe identity should only be as complicated as absolutely necessary—no jargon for the sake of jargon. Developers have enough on their plate, so we keep things simple: ✅ Applications, not “clients.” ✅ Identity providers, not “authorization servers.” Why do we support IDPro®? Short version: Staying on top of identity trends is good for our community. Slightly longer version: IDPro’s educational resources, Slack discussions, and knowledge sharing push the entire industry forward—and we want in on that. For the curious, IDPro’s Body of Knowledge (BoK) is a goldmine of identity best practices—everything from MFA to access governance. They even offer a certification, CIDPro. So, while you’re out there building apps, we’re keeping tabs on the future of identity—on Slack, at conferences, and in standards discussions. You can count on FusionAuth to make sure your OAuth game is always on point. (Oh, and if you’ve ever wanted to chat about CIAM or debate token lifetimes over coffee, come find us. We’re those people.) Read the full blog post here: https://lnkd.in/gNaDKYH8 Check out the IDPro Body of Knowledge (BoK) in the comments below: #DigitalIdentity #OAuth #OIDC #FusionAuth #IDPro

Is your authentication system ready to scale? 🔒 Discover key insights on balancing security and performance in this must-read article. Learn about: • Challenges in scaling auth systems • Modern hashing algorithms • Rate limiting strategies • Database scaling techniques • Caching session data • Auth tokens and API gateways Don't let authentication become your bottleneck. Read the full article to ensure your system can meet growing demands while staying secure. Article in comments. ⤵️ #CyberSecurity #Authentication #ScalableArchitecture #TechTips

I would highly recommend against writing your own authentication and identity management layer if you haven't done it before. Just don't. The folks at FusionAuth put out a both a cloud and on-prem version of their software and I highly recommend their platform over their competitors. I have used it on my own projects, they take security seriously. I've used some competing products from some big name players but they fell short in several aspects. Wanted to raise awareness about this company that truly listens to the developer community and is making great software.

You have APIs. You need to make sure you know who is calling them and what they can do. So, what are your options? 🤔 Check out this blog from Dan Moore for ways to protect exposed APIs below ⤵️

We're thrilled to welcome Greg Moser to the FusionAuth team! Greg is a Portland native and has been in software sales the past 10 years with several PNW-based startups. Outside of work, he spends his time chasing twin four year olds around local parks, the zoo, and on their scooters.