FusionAuth achieves SOC2 Type II certification
The FusionAuth team is proud to announce that we have completed the rigorous audit process and have now earned SOC2 Type II certification for our entire...
April 14, 2022
Tags
security
Spring Framework CVE: How it affects FusionAuth (TLDR: It doesn't)
The recent announcement of CVE-2022-22965, where "a Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE)...
April 5, 2022
Log4j CVE: How it affects FusionAuth (TLDR: It doesn't)
The recent announcement of CVE-2021-44228, which allows for "arbitrary code loaded from LDAP servers when message lookup substitution is enabled" through a...
December 10, 2021
Security and privacy risks when implementing an auth system
Given the increase of data beaches in the past few years, it's more important than ever for software engineering leaders to prioritize security, quality...
May 20, 2021
Auth specific scaling challenges
Modern authentication is built on hashing passwords using computationally expensive algorithms. Because of this intense CPU usage, there's a push-pull...
March 11, 2021
Stop Storing My Plaintext Password
Believe it or not there are still companies emailing users with plaintext passwords. Worse yet, some systems are storing plaintext passwords in the database...
March 12, 2019
6 Ways The FusionAuth API Is GDPR Ready
The GDPR is a complex regulation, but at its most basic level it requires organizations to provide "data protection by design and default." FusionAuth is built...
March 5, 2019