I am trying to setup JC as the identity manager to "Apple Business Manager" there isn't a ready-made connector so am trying to use a custom one, I am stumped though as to what jumpclouds SSF Config URL (Shared Signals Framework) is that Apple seems ...
Is the JumpCloud RADIUS server susceptible to the Blast-RADIUS attack announced this week? https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-radius-spoofing-july-2024-87cCDwZ3
I just went through setting up SAML SSO with honeycomb.io and thought I would help the next person a bit. JumpCloud doesn't have a pre-built SSO application for honeycomb.io so you have to use a custom SAML app. Even with this the initial configura...
HelloSharing a documentation here to configure JumpCloud and Okta in tandem to use JumpCloud as factor for Device Trust by using OIDC, Conditional Access Policies and Okta's Policy Engine. What it does: If you're using Okta for SSO (let's say via SA...
Our CEO, @rajat, has a new blog post up on our corporate blog. In it, he gives a list of immediate steps that organizations should take once they’ve fully brought all of their systems online. Here are some excerpts from the article: When we look ba...
I am trying to setup an SSID using IPSK Cisco Meraki. Is this possible with Jumpcloud and if so is there a guide on how to do this?I have standard 802.1x using Radius setup for a different network so know how to configure that I'm just stuck with IPS...
HelloIs there any plan to incorporate Privilege Access Management functions to JumpCloud?By this, I mean that, for example, the user needs to check in/check out certain critical roles/privileges. Unless I am mistaken, this does not exist in JC. We s...
Hello,I've been keeping an eye on Jumpcloud's progress and have been wanting to switch our small company over to it from Active Directory for quite some time now. The problem is that our company has multiple users jumping on and off each of our PCs t...
HiJust to share my recent discoveries for Sentinel and Splunk as well as mentioning Datadog - as I find it noticeable in terms of integrations efforts and pricing.Azure Sentinel A publicly available Data Connector can be found on GitHub here. It's ju...
Flaw in OAuth implementation for Grammerly and others; allows full account takeover.https://www.darkreading.com/remote-workforce/oauth-log-in-full-account-takeover-millions iPhone MAC address randomization hasn't ever worked. Turns out that while it ...
I am curious about best practice and how jumpcloud works with ubiquiti's Identity cloud solution. My organisation uses the udm se with some APs, switches, door hubs, security cameras, etc. UID seems to implement/run its own RADIUS server through UID ...
When I try to login as admin my OTP-code says; Verification code was invalid or already used.It does not work. If I try to reset my password I need also an OTP code. I'm locked out and have no clue how to solve this.
Configuring a Tailscale SSO connection is pretty straightforward but there are a couple of gotchas to watch out for. First, neither JumpCloud nor Tailscale consider each other a primary vendor so you have to use custom connections. Second, Tailscal...
Just wanted to jot a few notes down for integrating SSO with Redox Engine.Steps:Create the SSO app in JC and accept the defaultsCheck the "Declare Redirect Endpoint" option - Redox requires thisACS URL: https://auth.redoxengine.com/saml2/idpresponseC...
We just upgraded our Bitwarden account to allow SSO integration and I'm having a bit of a tough time with it. There are some docs for the SCIM integration with Bitwarden there is nothing for SAML. JumpCloud has a "Bitwarden" SAML template so I thou...
John Hammond, of Huntress fame, published a video detailing how it's possible to recover, decrypt and reveal passwords from Chrome. The attack vector will also work for Firefox. It requires access to an endpoint, so don't be too alarmed when you read...
Prerequisites JumpCloud MDMOkta MFA packageOkta identity Engine Motivation There are several ways to enhance the security level of Okta SSO access. This article presents enabling Device Trust (devices must be managed) as an additional authentication...
We use SentinelOne EDR and I just found out that we have XDR data ingestion with our plan, but are not using. We can send pretty much any types of logs (so they say ...) to the XDR. Has anyone been sending their JumpCloud logs to SentinelOne XDR? ...
Hi Community FolksYesterday I wrote about: "How to establish Device Trust for Android Devices with Okta by using JumpCloud's Android EMM?"Now you might wonder: Can I do the same for iOS-devices as well? Yes, certainly you can. Please refer to the art...
HelloRecently I posted about "How to establish Device Trust (managed devices) for Okta by using JumpCloud as factor for authentication?" - which enables you to make use of Device Trust Certificates from JumpCloud with Okta. But how about mobile devic...
Zero trust as a strategy is essentially to trust nothing, verify everything. A colleague and I had an interesting chat the other day where we examined how that concept applies to the intersection of device management and identity. I created a decisio...
HiThe recent (and not so recent) news about LastPass have been - at least to me - literally horrifying. I moved out of LastPass more than a decade ago (to be precise after their security incident on May 3, 2011) and started using 1password from then ...
It's been a minute since I posted about using JumpCloud Commands for security remediations. There's a particularly nasty zero day that's been actively exploited now that involves attackers obtaining an NTLM hash (Windows password) through Microsoft 3...
Hi everyone, I've been trying to implement Crowdstrike's SSO following the documentation that can be found in Crowdstrike's portal, and it somewhat-works. Here's what I mean:After following the steps, when clicking on the app, I get re-directed to Cr...
Last week I went to login as an Administrator account, only to find that my TOTP code was no longer working from my iOS Authenticator app. JumpCloud said the code was not valid. After a few login attempts, my admin account is now locked. Resetting th...
