The industry’s longstanding approach to user verification for online accounts might seem foolproof given its widespread adoption. After all, if everyone’s doing it, it must be effective, right? The Challenge with Traditional Verification Current solutions typically verify both the user and, following the Zero Trust principle, possibly the endpoint when a user logs into an online account. While passwords, multi-factor authentication (MFA), and public key-based methods like FIDO and PKI have become the norm, are they truly effective against today’s advanced threats? Notable breaches at major cor ..read more

Competitive Advantages of Pre-Boot Authentication In the ever-evolving landscape of digital threats and cybersecurity challenges, the quest for secure and user-friendly authentication has led to the rise of passwordless solutions. Passwordless authentication — relying on methods such as biometrics and hardware tokens — offers a seamless user experience while eliminating the vulnerabilities associated with traditional passwords. However, to fortify these advancements, one formidable weapon in the arsenal of cybersecurity is pre-boot authentication (PBA). PBA refers to the process of authenticat ..read more

Introduction In the ever-evolving landscape of cybersecurity, SSL/TLS has emerged as the preeminent security protocol, fortifying trillions of daily interactions through HTTPS across web browsers. The TLS protocol, meticulously developed by some of the brightest minds in the industry, stands as the bedrock of internet security, setting the gold standard for safeguarding data during transmission. Indeed, TLS has become synonymous with resilience and adaptability. However, WinMagic has made some recent discoveries that we believe will change the cybersecurity space and one of them sheds light on ..read more

WinMagic applauds the joint NSA and CISA effort in creating the document “Developer and Vendor Challenges: Identity and Access Management.” The file provides pragmatic help to the community of vendors and developers and will benefit them greatly. For our part, we’d like to offer the below suggestions. We’ve categorized our suggestions into two sections — “MFA Definitions and Policy Changes” and “Standards Improvement Opportunities” — but the suggestions apply to many sections of the “Developer and Vendor Challenges” document. WinMagic understands that some of our comments and proposals below a ..read more

Early September 2023, two of the world’s largest casino hotel companies — MGM Resorts and Caesars — were struck by ransomware attacks. In the week after, Caesars stated that the company had been a victim of “a social engineering attack on an outsourced IT support vendor used by the Company.” The hackers exploited a weak point in these companies’ security, underscoring the urgency of readdressing and improving our approach to online security. Fallback Vulnerabilities To gain access to sensitive data, hackers exploited these Okta users’ fallback method: the account reset or recovery process for ..read more

“I’m very excited to tell you more about our passwordless authentication, today. I believe it is game-changing and it will change the cyber security market,” said Thi Nguyen-Huu, Founder and CEO at WinMagic, during our “Passwordless for Government” webinar, hosted jointly with Carahsoft Technology Corp. Leading the webinar, Garry Mccracken, CISO at WinMagic, began with the following descriptions of government security guidelines and executive orders: EO 14028. In May 2021, the federal government released Executive Order (EO) 14028. Executive orders tend to contain high-level policies, and th ..read more

A recent report suggests that a majority of cybersecurity professionals experience extreme stress and burnout with 54% of them wanting to quit their jobs. In 2022, Forbes forecasted that one in 10 of these experts will leave the industry. Cybersecurity burnout is real and is wearing down many of our fellows. With cyberattacks growing more sophisticated by the week, professionals are stressed around the clock. Still, there are some ways to support these cyber whizzes. The best way to thwart cybersecurity stress burnout is to keep it from taking hold in the first place. Here are a few simple tri ..read more

New partnership leverages expertise in network, security and cloud solutions Mississauga, Ontario, Canada — May 24, 2023 — WinMagic Inc. (the “Company” or “WinMagic”) is proud to announce that it is now a member of the Lumen Technologies (NYSE: LUMN) Channel Partner program. WinMagic offers powerfully simple and seamless authentication and encryption solutions that use the endpoint to deliver unbeatable security. This partnership will enable the Company to leverage Lumen’s extensive network and cloud and security solutions to expand capabilities to existing WinMagic customers and enter new mar ..read more

The WinMagic team believes we can revolutionize the cybersecurity of the world. Our latest authentication solution, MagicEndpoint, is ready to deliver the most secure authentication with the best user experience. Incredible? Unbelievable? Yes. Not because we can do magic, but because we recognized some misconceptions that prevented previous solutions from being effective. What are these misconceptions? Are you ready to be shocked? There are two main misconceptions: MFA (multi-factor authentication) is needed for online authentication. The best security requires continuous verification of eac ..read more

Mississauga, Ontario, Canada – April 19th, 2023 — Today, WinMagic Inc. (the “Company” or “WinMagic”) announced a new integration with Ping Identity, the intelligent identity solution for the enterprise, leveraging PingOne DaVinci, a no-code identity orchestration service. The partnership will allow DaVinci users to insert MagicEndpoint into authentication flows, introducing a passwordless experience and secure pre-boot authentication. WinMagic joins a growing network of technology partners developing integrations with PingOne DaVinci through the Ping Identity Global Te ..read more