About Shimrit Tzur-David

Shimrit holds an MSc and Ph.D. from the Hebrew University in Computer Science. Her research areas primarily focused on PKI, cryptography, anomaly detection, web attacks, DDoS and intrusion detection and prevention systems. During her Ph.D., Shimrit was a consultant for Check Point and Marvell Semiconductor and designed an intrusion detection system product there.
  • man in the middle attacks - Secret Double Octopus

Stopping Man-In-The-Middle Attacks with Cryptography

Man-in-the-middle (MiTM) attacks – where an attacker secretly relays and possibly alters the communication between two parties who believe they are directly communicating with each other – are a very real threat, especially when it comes to authentication. Various solutions have been put forward to prevent, or at least manage, this threat. These have met varying levels of success, although it [...]

By |June 14th, 2018|Categories: Articles|Tags: |

Why Passwordless Authentication is Essential for VPN’s

As the modern workforce becomes increasingly more mobile, businesses are allocating more and more on resources to secure remote connections. For years, Virtual Private Networks, or VPNs, have been the standard bearer for remote access. VPNs allow users to transfer sensitive data across a public network as if their devices were directly connected to private one. The New Paradigm Unfortunately, the [...]

  • Certification as single point of failure - secret double octopus

Circumventing The Single Point of Failure – Goals in Authentication

Securing our online communications has always been an ongoing task, one that has to stay in-synch with our ever-expanding communication technology. For years, the basis of this security has been Secure Sockets Layer (SSL) cryptography, now in its more updated version of Transport Layer Security (TLS). These protocols work by generating keys for every connection made between parties (say, your internet [...]

  • No KNOWLEDGE proof - Secret Double Octopus

Zero Knowledge Proof – What Peggy Knows About Victor

Zero knowledge proof authentication is the basis of modern-age authentication. It allows for the highest level of security, by ensuring passwords, transactions and conversations don’t get compromised when transferred over an unsecured connection. In this article we will look at zero knowledge proof to understand the need for it, how it works, and where it’s being utilized to verify parties today. [...]

  • What is Zero Trust authentication secret double octopus

What is Zero Trust Authentication?

“Zero Trust” is a concept that can revolutionize the way people interact with networks, and each other. At its core, it’s a different approach to network security, but its practical implications are far-reaching. In this article, we dive into Zero Trust Authentication, as well as clarify and understand the basics of the approach and the practical ramifications of it.   The [...]

  • PCIs-new-regulations-Secret-Double-Octopus

Tackling the PCI’s New Authentication Regulations

The latest standards governing the world of digital payments have come into effect. On 1 February 2018, the new Data Security Standards of the Payment Card Industry’s (PCI) Council, or PCI DSS, came into effect. These new standards upgraded many protocols that used to be merely “best practices”, to full requirements. The updated PCI DSS is a significant shift from earlier [...]

  • Authentication in the age of GDPR - Secret double octopus

Making BYOD Work in the Era of GDPR

The ever-expanding popularity of implementing personal, mobile devices as a tool in the workplace has brought unprecedented versatility to the business world. While bring-your-own-device (BYOD) protocols have important benefits from an operational perspective, from a security standpoint, having a slew of additional devices connected to company networks creates a huge liability. Nowhere is this risk more pronounced than when it comes [...]

By |April 24th, 2018|Categories: Articles|Tags: , |

A Modern Authentication Model for The Financial Industry

The modern financial sector has been fully integrated into the digital sphere. Today’s online financial domain made up of banks and other intermediaries circulates billions of dollars around the world daily. Understandably, such a domain makes for a highly lucrative target for cybercriminals. Unfortunately, companies have been losing this fight. Hackers are becoming more sophisticated, deploying blended threats against banking and [...]

  • push notification authentication

How push notifications can revolutionize your authentication security

The many horror stories that regularly surface on the web make it certain beyond the shadow of a doubt that plain passwords are a cumbersome and bad security practice. A recent survey by Secret Double Octopus found that the outstanding majority of corporate employees are eyeing password-free technologies as their preferred method of authentication, both from a security and an ease-of-use [...]

What you need to know about the security and privacy of face recognition logins

Nearly all major smartphone manufacturers want you to unlock your phone by showing your face. While not a new technology, authentication by face recognition has undergone some major transformations in the past years, and tech companies believe it should become the default way you secure and access devices that hold a wealth of your personal information and perform sensitive operations such [...]