![\"Basic](\"/491e73fe4836ca5daa93f6aad47f3b4d/basic-architecture.webp\")
Currently, the LoginRadius Identity Platform processes more than 100K requests per second. As our developer and enterprise customers grow, we should be able to scale our APIs to handle staggering loads of requests per second. It won’t be surprising if our APIs have to serve a million requests per second in the future.
\nGenerally, we add more instances, CPU, or memory for supporting high request volumes. However, it has been burdening our infrastructure budget and maintenance.
\nSo, we’re focused on reducing the cost of compute capacity by improving efficiency. In this engineering update, we share our experience with a highly effective, low-risk, large-scale performance and cost optimization with Go.
\nLoginRadius production environment consists of 30+ microservices backed by a cloud-native infrastructure. Most of these services are written in .NET and Node.js. In Q1 2021, we explored the possibilities of improving the performance of our services and optimizing costs.
\nLoginRadius tech stack consists of 30+ microservices. We have different microservices for each business service like Authentication, Web SSO, Federated SSO, etc.
\nCore Applications: Multiple microservices instances for Authentication, Account API, Analytics API, Risk-based Authentication, Backend Jobs, Integrations, and much more,
\nData Storage: MongoDB, Elasticsearch, Redis, and PostgreSQL clusters are used to store a range of datasets for various applications and functionalities.
\nQueues: Amazon Kinesis Data Streams, Amazon Simple Notification Service (SNS), Amazon Simple Queue Service (SQS), and Azure Queue Storage.
\nOther Services: Services for rate-limiting, bcrypt clusters, feature flags, and more.
\nRouting: AWS load balancers (ALB, NLB, and ELB from AWS) and some nodes running NGINX as a proxy.
\nWe've been utilizing a multi-cloud and multi-region architecture for years based on our and our customers’ data and privacy compliance requirements. However, as our usage (and load) grew with maintenance costs, we relied more on AWS resources.
\nThis is the basic architecture of the environment in the US:
\n
Each request is processed as follows:
\n![\"Request](\"/fc6929115da8e289aaaaa4880d05fe5b/request-processing-flow.webp\")
The above diagram shows two cloud regions — US East and US West.
\nWhen requests come:
\nSo, how do we maintain high availability?
\nEvery availability zone has operating instances of all services (including databases). If one availability zone is down, we still have two availability zones.
\nWe are using a two-pronged scaling approach as scaling based on resource utilization (CPU & Memory) alone is not practical.
\nOnce, our multi-tenant application received a sudden spike in API requests — from thousands of requests to millions. Usually, adding new infrastructure to the existing pool takes around 60 seconds. And application deployment and start-up time were about 90 seconds. Plus, considering other possible delays in scaling, we can lose about 5 minutes for scaling up.
\nFurther, adding the time to gather metrics and make the scaling decision, the total delay can be ~6 minutes. This process can impact all multi-tenant customers' critical applications because user authentication and authorization are essential.
\nWe keep Scaling Buffers to support this kind of scenario.
\n\n\nScaling Buffers: During the Scale-up Time, the Scaling Buffer is the service's highest predicted traffic spike. Depending on the scaling strategy, we store several types of the buffer.
\n
Usually, we set a one million requests concurrency buffer. And based on the traffic pattern, our scaling automation triggers the scaling.
\nOur Platform performance is good. We can quickly handle millions of requests, and our application platform was scalable but not great. Minding the kind of growth we’re expecting, we wanted to improve and prepare our platform for the future.
\nNo. of requests can fluctuate within a few seconds if not minutes or hours, especially with specific events such as holiday shopping, promotional events, Black Friday, etc. So, in the event of traffic spikes, application startup time plays a significant role in scaling.
\nOur application startup time was around 90 seconds, so whenever scaling was happening due to high traffic, scaling took more time. That's why we needed to improve the application startup time.
\nWe used hundreds of AWS c5.2xlarge instances in a production environment to handle daily traffic. During certain events such as holiday shopping and Black Friday, we doubled our infrastructure according to expected traffic with a 20~30% buffer. We kept a high buffer because scaling took time with the existing .NET Core services. As a result, infrastructure cost was burdening as we were inefficiently deploying cloud infrastructure.
\nWe designed our Identity Platform a few years ago. Since then, the technology landscape has dramatically improved and optimized in recent years.
\nAlso, current technology platforms available to build and support our product (Identity Platform) are limited. So, it is crucial to align functionality with proper technology capabilities.
\nWe were facing challenges in customization. It was inflexible and limiting to deliver the required outcomes in more complex situations and use cases.
\nWe did a lot of research to choose the appropriate programming language for our application. We needed a language that would be simple to understand and learn, easy to maintain, and has high concurrency. Our research ended with Go due to its amazing qualities.
\nLet's take a closer look. Why choose Go? What makes Go such an excellent development language? What distinguishes it from the competition?
\nLet's get to the bottom of this by looking at what makes Go special.
\nGo is an open-source programming language developed by Google's Rob Pike, Robert Griesemer, and Ken Thompson. It was initially released in 2009. It has several enhancements and additions based on the C syntax to properly control memory use, manage objects, and enable static or strict typing along with concurrency.
\nConcurrent code can be executed in parallel by separate computer cores or in sequence. Most programming languages lack concurrent execution when working with multiple threads. They often slow down programming, compiling, and execution.
\nGo works with goroutines that are lightweight, low-cost threads. And Go channels allow goroutines to communicate with one another.
\nSequential Processes Communication: They are very similar to threads in Java but lightweight, and the cost of creating them is meager.
\nGo's core value is simplicity: it builds quickly, runs quickly, and is simple to learn. To help speed things up, there are no classes or type inheritance. This makes it easier to build a market-ready product quickly. Furthermore, its simplicity allows for quick and simple maintenance.
\nGo has an excellent standard library that includes a large number of built-in essential type functions and packages that are both practical and straightforward to use: I/O, encoding and decoding, manipulating raw bytes, network utility functions, parsing, debugging, and a lot more are all made simple by particular packages. Testing support is also included in the standard library, so no other dependencies are required.
\nGo has a simpler syntax than other languages and is simple to learn. The syntax of Go is somewhat similar to the C language. Developers can begin with Go in a couple of hours, but they need to spend time understanding best coding practices, especially understanding goroutines for concurrency.
\nWe run benchmarks on our API so that the performance insights help us make decisions about the tech stack. It will paint a clearer picture of where we stand compared to our existing tech stack and what areas need improvement or immediate attention.
\nWe did multiple stress tests on our high usage APIs built separately with .NET Core(Old) and Go (new).
\nWe are using Kubernetes to deploy and manage our microservices and application infrastructure and deploy our application microservices across multiple Pods.
\n| Test Item | \nValue | \n
|---|---|
| Instance Type | \nc5.2xlarge on AWS | \n
| No. of Instances | \n20 | \n
| Reverse Proxy | \nNGINX | \n
| Concurrent Requests | \n20K per second | \n
| Duration | \n5 minutes | \n
| Stress Test Tool | \nGatling | \n
We deployed both applications in the same infrastructure and did the same stress test.\nGolang application has performed much better.
\n![\"Requests](\"/425ce0aea8c01e3281101dd268d0def6/requests-and-responses-per-second-dot-net-core.webp\")
\n ![\"API](\"/d7b965865c218de9b3e71b6559787500/response-time-percentiles-dot-net-core.webp\")
\n ![\"Overall](\"/cd1c01d04ed3965ac3ca5bfce7ba66dc/overall-matrix-dot-net-core.webp\")
\n You can see some errors in Graph - 1(a) after ramping up to 15K users. Also, response time is increasing, as seen in Graph - 1(b).
\nThe application can recover after a couple of seconds, and after that, the application cannot respond. Application scaling is taking time. And existing infra cannot handle this spike, so the application crashes after 18K RPS.
\nWe did the same stress test with the new Go application. It is easily able to handle this kind of concurrency without any issue.
\n![\"Requests](\"/64fd50adc421658ca67fbf096038dc9e/requests-and-responses-per-second-go-lang.webp\")
\n ![\"API](\"/dd50184c7b2f042915816c6374a53590/response-time-percentiles-go-lang.webp\")
\n ![\"Overall](\"/19f6d7a35332ce026578459805a2327d/overall-matrix-go-lang.webp\")
\n The Go application can easily handle 20K ramp-up requests per second without any issue, as shown in Graph -2(a).
\nYou can see in Graph - 2(b) what the response time was after 2 min 47 sec for a couple of seconds. The Go application was scaling during that time. It is scaling quickly, so it is not impacting API request performance, and, also, the application can recover response API time as expected.
\nIn this article, you have learned how we have achieved better API performance by rebuilding them in Go, which were previously built in .NET Core. And you have understood our approach to this transition and how it increased the API performance of the LoginRadius Identity Platform.
\nLeverage LoginRadius Identity Platform to build authentication functionality for your web and mobile apps. Sign up for a free LoginRadius account here
\n","frontmatter":{"date":"June 06, 2022","updated_date":null,"description":"At Loginradius, we strive to leverage technology and ingenuity to push the boundaries of what our Identity Platform can deliver. In this engineering article, learn how we improved the performance of our APIs with Go.","title":"Why We Re-engineered LoginRadius APIs with Go?","tags":["Go","API",".NET","LoginRadius"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/da26686e342d94b3007681cd0379367c/58556/high-performance-identity-apis.webp","srcSet":"/static/da26686e342d94b3007681cd0379367c/61e93/high-performance-identity-apis.webp 200w,\n/static/da26686e342d94b3007681cd0379367c/1f5c5/high-performance-identity-apis.webp 400w,\n/static/da26686e342d94b3007681cd0379367c/58556/high-performance-identity-apis.webp 800w,\n/static/da26686e342d94b3007681cd0379367c/99238/high-performance-identity-apis.webp 1200w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Vijay Singh Shekhawat","github":"code-vj","avatar":null}}}},{"node":{"excerpt":"Introduction Data breach refers to an incident when unauthorized individuals or organizations have access to sensitive information that they…","fields":{"slug":"/identity/authenticating-in-the-age-of-no-code-technology/"},"html":"Data breach refers to an incident when unauthorized individuals or organizations have access to sensitive information that they don’t own.
\nNo matter how strong your product’s architecture is, if the identification and authentication process is not apt, data breaches will happen. Even the biggest companies in silicon valley are not immune to these attacks.
\nFor instance, in 2021, the personal data of 533M Facebook users were posted on a forum for free. In the same year, data of more than 500M LinkedIn users were discovered on the dark web.
\nTo avoid data breaches you need to ensure that only the right individuals have access to your product and data.
\nYou can do that with the help of identification and authentication technologies.
\nIdentification is a process in which an individual produces private information voluntarily that is unique and can be used to recognize them. Private information is also referred to as means of identification. For example, name, date of birth, address, etc.
\nAuthentication is a process when the identity of the user is validated and they are given certain permissions or access to a certain data because of that. For instance, when you enter the password into your computer, your identity is validated and you gain access to your system.
\nThe process of identification begins with the recognition of parameters that make every user unique. Then, the values of these parameters are collected and stored for every customer and a key is assigned to each of them.
\nOften, these keys or codes are alphanumeric. They are assigned to every user which is unique and can be used to access other details like the name and email address.
\nThis means that a lot of (or at least enough) identifying information is to be collected from the user and stored safely. As the user is entering those details, steps have to be taken to ensure that the data is not duplicated, fraudulent, or incorrect.
\nAuthentication checks whether the entered credentials match any existing profile so that the system can present the right data with the appropriate authority.
\nThe authentication process requires a medium through which the user enters their details. For example, the prompt asking for a username and password is an authenticating medium. Then these credentials are examined and appropriate information is presented.
\nBoth of the processes deal with extremely sensitive private information. Companies have to pay compensation and legal fines if any of this data is hacked or breached. Therefore, special care has to be taken while integrating these processes into your product.
\nDeveloping secure systems for the identification and authentication of users can be expensive. The system architecture has to be designed with proper security for customers and has to be updated as the regulations change.
\nThis calls for hiring more senior engineers to build the system. With that, the auxiliary requirements also increase. Not to mention, the time-to-market increases too.
\nThis is a challenge for freelancers and small businesses.
\nFortunately, the no-code revolution solves that quickly.
\nAs the name suggests, no code is a process of developing applications through a graphical interface that requires zero coding. No-code development helps professionals with no coding knowledge create applications with ease.
\nAll you need to know is your requirements and you are ready to go.
\nNo-code development is beneficial for small teams with limited resources. The time-to-market is greatly reduced and the product can be developed at much lower costs.
\nLet’s take a look at how no-code technology has improved the identification and authentication process for businesses.
\nThe visual development environment provided by no-code technology comes with drag-and-drop templates. These templates are working blocks of code that can be used to build authentication and identification processes. This speeds up the process and shortens the overall development time.
\nCapgemini has shown that moving to a no-code framework has made their development processes 5.5x faster.
\nYou don’t need to have any kind of coding knowledge to build an authentication system for your business on a no-code framework.
\nOne of the most important reasons for that is its understandability. Code is difficult to understand as it is a machine-level language. Problem solvers think on an algorithmic level. That is easy to put on paper and translate to a product by using no-code technology.
\nNo-code development requires fewer engineers. This reduces all the auxiliaries that are needed by a business. For instance, less infrastructure, lower financial investment, etc. The most important resource saved is time.
\nUpdating processes and systems that were created using no-code technology is also easier. Often, it is taken care of by the platform.
\n![\"CIAM-buyers-GD\"](\"/7fc95a8ab311a513c7ef8ad1f02d6461/CIAM-buyers-GD.webp\")
Secure identification and authentication processes created on a no-code framework allow businesses to deliver more value to their customers.
\nIt assures secured storage of accurate data for each customer. This helps product managers to deliver a more personalized service to their customers. Another reason is that it assists customer success executives to solve the problems of each customer accurately.
\nThrough customer service software, businesses can understand critical customer service metrics and derive actionable data about support quality. These tools leverage no-code authentication to help the customer-facing teams fetch the right information at the right time.
\nWith increased customer satisfaction, there come a lot of benefits, such as higher customer retention and positive word of mouth.
\nIdentification and authentication are two major processes that secure customer data and enable companies to deliver a good service.
\nThe good news is that no-code technologies are helping businesses secure their services by enabling the developers to create processes faster.
\n![\"book-a-demo-loginradius\"](\"/8fce571f703a5970dbb1359a2fe0e51a/book-a-demo-loginradius.webp\")
B2B applications require connecting customers and partners with their existing identity system or directory. Customers often want their employees or end-users to access your product and service with hierarchical access rights and their existing identity.
\nManaging these requirements in-house can be tricky and time-consuming. However, the LoginRadius B2B Identity solution can bridge this gap for your business and help you eliminate friction. Above all, it serves a faster go-to-market with an industry-leading deployment time of 3-4 weeks while ensuring the following:
\nLoginRadius B2B Identity allows your customers and partners to effectively create their accounts without needing them to create another identity.
\nThis feature lets you give customers and partners authority to manage accounts and access via their internal identity sources or your dashboard.
\nLet’s say: your customer wants to allow only marketing and sales employees of the organization to access your B2B application. And within those 20 employees, the access rights will be different. LoginRadius B2B Identity can allow your customer to use their internal identity for authentication and manage the provision and access of their employee accounts within their identity source.
\nSimilarly, suppose some customers do not want to use internal identity for authentication and authorization. In that case, they can easily do this via managing configurations like login method, roles, and permission from your application dashboard. LoginRadius B2B Identity works in the background to smoothly process these requirements.
\nTo allow your customers and partners to use their internal identity for authentication, you must configure Federated SSO protocols depending on their identity application. With LoginRadius B2B Identity, you get effortless integration of the most popular and complex SSO protocols, such as SAML, JWT, and OAuth.
\nLet’s say one of your customers wants to authenticate using Salesforce while the other prefers to utilize their AWS identities. You can utilize OAuth integration for authentication using Salesforce and SAML integration for authentication using AWS — without understanding both protocols’ complexity and in-depth implementation.
\nNot just this, integration of these protocols is entirely maintenance-free; any required change or updates in protocols are taken care of by LoginRadius.
\nGet a centralized view of all your customers and partners. You can easily manage their identities and access controls (roles and permissions) from the LoginRadius Dashboard or the LoginRadius Management APIs.
\nRevoke access automatically upon user offboarding to ensure effortless access security to applications of your customers and partners. Similarly, it revokes customers’ and partners’ access rights to your application in case of churn or contract termination.
\nLoginRadius B2B Identity lets you delegate admin access to your customers and partners for seamlessly managing their employees and users. Consequently, it saves the efforts and time of your IT support team.
\nAlso, you can set up self-serve registration for your customers and partners, thus saving time in manually setting up their accounts. Similarly, these customers and partners can facilitate self-serve registration for their employees and users.
\nThe following built-in capabilities of LoginRadius CIAM lets you meet data regulations and protect customers’ and partners’ data privacy:
\nLoginRadius Dashboard lets you access your application's audit logs of activities performed by customers and partners.
\nAlso, you can access 30 different analytical charts to understand your customer and partner base and engagement.
\nThe following explains the step-by-step implementation of LoginRadius B2B Identity:
\n\n\nNote: To implement B2B Identity, you must have a Developer Pro account with LoginRadius. Create a Developer Pro account here for 21 days of the free trial.
\n
These are your customers or partner organizations who need to access your application. You can create and manage these Organizations using the following APIs:
\nCreate Organizationsdocs/references/api/b2b-identity/#create-organization)
\nAPI Endpoint: https://api.loginradius.com/identity/v2/manage/organizations
Update Organizationsdocs/references/api/b2b-identity/#update-organization)
\nAPI Endpoint: PUT https://api.loginradius.com/identity/v2/manage/organizations/{id}
Remove Organizationsdocs/references/api/b2b-identity/#remove-organization)
\nAPI Endpoint: DELETE https://api.loginradius.com/identity/v2/manage/organizations/{id}
Update Organization Statusdocs/references/api/b2b-identity/#update-status-of-organization)
\nAPI Endpoint: PUT https://api.loginradius.com/identity/v2/manage/organizations/{id}/status
These are the roles that organization users will have to access permission-based resources and processes. You can create, assign, and manage roles using the following APIs:
\nCreate Roledocs/references/api/roles-management/#roles-create)
\nAPI Endpoint: https://api.loginradius.com/identity/v2/manage/role
Add Permission to Roledocs/references/api/roles-management/#add-permissions-to-role)
\nAPI Endpoint: PUT https://api.loginradius.com/identity/v2/manage/role/{role}/permission
Remove Permission from Roledocs/references/api/roles-management/#remove-permissions)
\nAPI Endpoint: DELETE https://api.loginradius.com/identity/v2/manage/role/{role}/permission
Set Roles for Organizationdocs/references/api/b2b-identity/#addupdate-roles)
\nAPI Endpoint: https://api.loginradius.com/identity/v2/manage/organizations/{id}/defaultroles
Add User to Organizationdocs/references/api/b2b-identity/#add-user-to-organization)
\nAPI Endpoint: https://api.loginradius.com/identity/v2/manage/organizations/{id}/members
Remove Users from Organizationdocs/references/api/b2b-identity/#remove-users-from-organization)
\nAPI Endpoint: DELETE https://api.loginradius.com/identity/v2/manage/organizations/{id}/members
Get Organization Usersdocs/references/api/b2b-identity/#organization-users)
\nAPI Endpoint: GET https://api.loginradius.com/identity/v2/manage/organizations/{id}/members
You can allow organizations to use the organizational identity or ask them to create an identity for authenticating themselves.
\nSet Global IDP for Userdocs/references/api/b2b-identity/#set-global-idp-on-profile): Set a global Identity Provider authentication method from the already enabled authentication methods for your LoginRadius App. The global IDP will apply to organizations of all your customers and partners.
\nFor example: Login with Gmail, Login with Facebook, Login with Email-Password, etc.
\nAPI Endpoint: https://api.loginradius.com/identity/v2/manage/organizations/{org_id}/members/{uid}/idp/global
\n\nNote: To show the global IDP to all organizations, turn the setting on via this APIdocs/references/api/b2b-identity/#set-global-authentication-method-for-organization).
\n
Create SAML Login for Organizationdocs/references/api/b2b-identity/#create-organizational-saml-idp): Set a SAML authentication method specific to the customer or partner.
\nFor example: Login with Salesforce for one customer and Login with Azure AD for another customer. So, customers and partners can easily authenticate using their identity provider rather than creating a new identity.
\nAPI Endpoint: https://api.loginradius.com/identity/v2/manage/organizations/{org id}/idp/saml
You can manage the welcome email and related email communication for the organization users using LoginRadius Dashboard, as explained heredocs/guide/manage-organizations/#manage-email-template-and-setting).
\nSave on R&D, engineering resources, and maintenance by utilizing LoginRadius B2B Identity — consequently, go to market faster.
\nCreate a Developer Pro account here to start your journey of eliminating authentication and access friction from your B2B business.
\n","frontmatter":{"date":"May 31, 2022","updated_date":null,"description":"B2B companies need to manage identity differently to meet customer needs and deliver value efficiently while ensuring secure and seamless access. Read more to learn how your company can implement B2B identity management.","title":"Why B2B Companies Should Implement Identity Management","tags":["Identity","Access Management","B2B"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/e25d9ab8ae7c1c0010fb32fd588f892a/58556/b2b-identity-management.webp","srcSet":"/static/e25d9ab8ae7c1c0010fb32fd588f892a/61e93/b2b-identity-management.webp 200w,\n/static/e25d9ab8ae7c1c0010fb32fd588f892a/1f5c5/b2b-identity-management.webp 400w,\n/static/e25d9ab8ae7c1c0010fb32fd588f892a/58556/b2b-identity-management.webp 800w,\n/static/e25d9ab8ae7c1c0010fb32fd588f892a/99238/b2b-identity-management.webp 1200w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Ravi Teja Ganta","github":"ravitejag","avatar":null}}}},{"node":{"excerpt":"What is a Cyber Attack? A cyber attack is a sequence of actions performed by a threat actor to obtain unauthorized access to a computer…","fields":{"slug":"/engineering/top-cyber-threats-in-2022/"},"html":"A cyber attack is a sequence of actions performed by a threat actor to obtain unauthorized access to a computer, computer network, or other computing systems to intentionally steal data, harm innocent people, or launch attacks from a compromised computer. To launch a cyberattack, cybercriminals utilize many methods, including phishing, ransomware, malware, man-in-the-middle attack, and denial of service, among others.
\nPhishing is used to steal user credentials and sensitive data such as credit card numbers and social security numbers or install malware on a victim's machine. An attacker usually sends fraudulent communications that appear to be from a reputable source. Specifically, scammers send emails or text messages containing malicious links in a manner that seems to originate from legitimate senders.
\nDenial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) attacks send malicious and spam requests to a system or network, severely restricting the ability to perform and serve legitimate users and requests. This attack is frequently used to set up another attack.
\nVishing combines voice and phishing in which an attacker tricks a victim to steal personal and confidential information. It is a social engineering attack as it relies on psychology to convince victims to give sensitive information or perform an action for the attacker's benefit.
\nMalware attacks are common types of cyberattacks in which malware (usually malicious software) performs unauthorized actions like stealing personal, financial, or business information on the victim's system. Malicious software is created in several forms, including ransomware, spyware, and command and control.
\nRansomware is malware that threatens to expose or limit access to data or a computer system by encrypting valuable data or limiting system functionality. Cybercriminals demand monetary incentives (ransom) for releasing the system after encrypting or locking the data. A deadline is typically attached to the ransom demand. If the victim does not pay the ransom on time, the data will be lost permanently, or the ransom will be increased.
\nA man-in-the-middle (MiTM) attack occurs when an attacker intercepts and distributes messages between two participants who think they are interacting directly and securely. Participants who send emails, instant messages, or video conferencing are unaware that an attacker has inserted themselves into the conversation and is collecting and manipulating their information.
\nA Brute-force Attack is an attempt to find a credential, such as a password, using computer-based automated trial and error. The attack involves automated spraying of all possible character combinations and lengths into a password field until a match. Brute-force attacks are successful when the authentication protocol of an online service complements this type of attack. Shared secrets between the service and the user provide the highest probability of success for a brute-force attacker.
\nAny cyberattack that targets an Internet of Things (IoT) device or network is known as an IoT attack. Once the device has been hacked, the hacker can take control of it, steal data, or join a network of infected devices to execute DoS or DDoS attacks.
\nA keylogger is spyware that logs a user's activity by logging keystrokes. Every key pushed on the keyboard is captured and forwarded to a malicious actor when the spyware installs a keylogger on a device. As a result, the attacker will have access to data streams that help find user passwords and other sensitive information. Keylogger spyware is generally installed on the user's device by unintentionally clicking on a malicious link or attachment.
\nCross-site Scripting (XSS) attacks use third-party online resources in which malicious scripts are inserted into a legitimate website or application to obtain a user's information. Attackers commonly employ JavaScript, Microsoft VBScript, ActiveX, and Adobe Flash for XSS attacks. A web app is usually vulnerable to XSS attacks when it receives user input without validating or encoding it in its output.
\nCyberattacks are becoming ever more common and sophisticated, mostly with financial motives.\nWhile preventative cybersecurity tactics vary by attack type, you should follow best security practices and practice IT hygiene for mitigating these attacks.
\nThese cyber-threats are creating more emphasis to stack up security measures. You can follow these Security Tips, which are well-known among LoginRadius’s cybersecurity Experts.
\n","frontmatter":{"date":"May 31, 2022","updated_date":null,"description":"Cybercriminals are using an increasing number of attacks to exploit web apps and steal valuable data. This article teaches about the ten most common types of cyber threats.","title":"Top 10 Cyber Threats in 2022","tags":["Cyber Threats","Security"],"pinned":null,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.5037593984962405,"src":"/static/ee3ab87a1a76ecb64198016552132df2/58556/top-10-cyber-threats-in-2022.webp","srcSet":"/static/ee3ab87a1a76ecb64198016552132df2/61e93/top-10-cyber-threats-in-2022.webp 200w,\n/static/ee3ab87a1a76ecb64198016552132df2/1f5c5/top-10-cyber-threats-in-2022.webp 400w,\n/static/ee3ab87a1a76ecb64198016552132df2/58556/top-10-cyber-threats-in-2022.webp 800w,\n/static/ee3ab87a1a76ecb64198016552132df2/99238/top-10-cyber-threats-in-2022.webp 1200w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Vijay Singh Shekhawat","github":"code-vj","avatar":null}}}},{"node":{"excerpt":"Introduction We all know that marketing is complex. And when we have hundreds of competitors in the ever-expanding digital landscape…","fields":{"slug":"/growth/role-it-marketing-customer-identity-management/"},"html":"We all know that marketing is complex. And when we have hundreds of competitors in the ever-expanding digital landscape, marketing becomes an uphill battle.
\nHowever, a major proportion of your marketing begins the moment a user interacts with your platform. If you can deliver them the experience they expect, you’re on the right track in promoting your services/product.
\nPromoting your brand and delivering out-of-the-box services reinforced with robust security is paramount for business success. However, delivering rich experiences remains the most underrated catalyst that can pave the path for exponential growth!
\nOver the years, customer identity management for business is helping enterprises bridge the gap between user experience and security that further improves engagement and trust.
\nWhether you talk about any renowned brand or a Fortune 500 company, they’re leveraging the perfect harmony of quality services, stringent security, and a great user experience through identity management.
\nIn a nutshell, information technology and marketing may seem as different as night and day, but their perfect symphony is crucial for business success.
\nLet’s uncover the business advantages of incorporating IT and marketing in harmony and how enterprises can reap the best results through customer identity management.
\nWe have the tendency to switch a website in a couple of seconds if we’re not pleased with the user experience during the first encounter.
\nNow, imagine searching for a casual pair of shoes online and landing on an XYZ e-commerce store.
\nYou’re exploring the website, and within a couple of seconds, you’re bombarded with registration forms with many fields asking for your personal information, including name, address, phone number, email, and more.
\nRemember, you haven’t yet checked the casual shoes you’re searching for!
\nWill you fill out that complete form and then search for the shoes you’ve been looking for? Absolutely not! What will be your next course of action?
\nYou’ll just close the window and search for the same shoes on another platform that offers a seamless experience and allows you to check out your desired goods quickly.
\nThe same thing happens with other users globally!
\nHence, to ensure your marketing works flawlessly, you need to set the seal on your platform’s user experience, especially when users interact with the brand for the first time and are asked for early registration.
\nA customer identity and access management (CIAM) solution can gradually help enterprises collect crucial user information through progressive profiling.
\nThrough progressive profiling, users aren’t bombarded with big registration forms; instead, they are asked to share their details when they interact with the platform gradually. This ensures a seamless and rich user experience.
\n![\"EB-progressive-profiling\"](\"/0043785bf2e3f481635df5ab85c16842/EB-progressive-profiling.webp\")
Security is the backbone of any business delivering online services in the modern digital landscape. However, most companies overlook the importance of incorporating a stringent security mechanism in their digital experience and preference management strategy.
\nSince various security compliances and data regulations like the GDPR and CCPA are becoming more stringent, enterprises need to understand that offering a great user experience while compromising security and privacy could be the worst thing for their business.
\nAlthough most customers are concerned about how businesses collect, store, and manage their personal information, many still don’t care about their data security.
\nWhether your customers are concerned about security or not, you need to ensure your business complies with all the necessary security and data privacy regulations.
\nBut again, the game of adding compliances and increasing security indirectly revolves around compromising user experience, which hampers all the marketing efforts.
\nSo, what could be the ideal solution for overcoming this dilemma of balancing user experience with security?
\nA customer identity and access management solution could help overcome the challenges of creating a perfect harmony between user experience, security, and global compliances.
\nHence, if a business is leveraging a reliable CIAM solution and ensuring security, user experience, and compliance, its marketing would deliver outstanding results like a breeze.
\nMarketers need not worry regarding the overall security of consumer data. They can promote their brand to deliver a great user experience since they’re backed with a robust security mechanism.
\nAlso, users don’t hesitate to share their consent when they know their data is being safely handled. This can again help businesses collect crucial information that can further help create personalized consumer journeys.
\nThe LoginRadius’ cutting-edge CIAM solution is designed to help brands quickly meet all their requirements of security, user experience, and compliances to help get more out of their marketing strategies.
\nBusinesses leveraging LoginRadius CIAM get endless business advantages, including:
\nA customer identity access management solution like LoginRadius can bridge the gap between your customers and the latest identity and personal data protection developments—essential in today’s connected world.
\nA CIAM helps you take the next step in assuring your customers’ online safety while simplifying their online experience across new digital platforms.
\nMarketing and IT go hand-in-hand, and businesses need to understand the importance of creating a balance between the two.
\nCustomer identity management is crucial for businesses striving for growth in a highly competitive business environment.
\nWith a new-age CIAM like LoginRadius, businesses can ensure they deliver a rich consumer experience backed with robust security that can offer endless marketing opportunities.
\n
In the modern digital world, where customer experience decides the overall growth of a business, crafting a frictionless customer journey holds the most significant importance.
\nMoreover, when a business embarks on a digital transformation journey, secure and seamless authentication becomes an integral part of its customer success journey.
\nHowever, most enterprises aren’t sure whether they need social login on their platform or single sign-on (SSO) to improve user experience and security.
\nSocial login and SSO are both different ways of authentication and can be used together or individually, depending on the business requirements.
\nLet’s understand the differences between the two terms and how enterprises can make wiser decisions to incorporate a seamless and secure authentication mechanism into their platforms.
\nSocial login, also known as social sign-in or social sign-on, allows your consumers to log in and register with a single click on a website or mobile application using their existing accounts from various social providers like Facebook, Google, etc.
\nSocial login simplifies the sign-in and registration experiences, providing a convenient alternative method to create an account where it is mandatory.
\nSocial login reduces the effort to remember passwords, which means people don’t need to create and keep track of more credentials, lessening password fatigue and login failure. Log in via a third-party web page or Facebook or Google accounts can be done with just a few clicks on the button.
\nSingle Sign-On (SSO) is an authentication method that allows websites to use other trustworthy sites to verify users. Single sign-on enables users to log in to any independent application with a single ID and password.
\nVerifying user identity is vital to knowing which permissions a user will have. SSO is an essential feature of an Identity and Access Management (IAM) platform for controlling access. The LoginRadius Identity platform is one example of managing access that combines user identity management solutions with SSO solutions.
\nCustomers can use a single identity to navigate multiple web and mobile domains or service applications since they only need to use one password. Also, SSO makes generating, remembering, and using stronger passwords simpler for users.
\nWhile both authentication mechanisms are widely used for securely and seamlessly authenticating users, many differences can help better understand their core functionality.
\nTo learn more about the Social Login vs. SSO - concept, differences, and techniques, check out the infographic created by LoginRadius.
\n![\"social-login-sso\"](\"/5f780e000b779a82a3d1b58e2ce33077/social-login-sso.webp\")
LoginRadius' cloud-based CIAM offers endless possibilities to businesses seeking digital transformation by adopting cutting-edge authentication techniques, including social login and SSO.
\nWith LoginRadius’ social login and SSO, businesses can quickly bridge the gap between users and brands since the leading CIAM offers world-class security and a rich consumer experience that increases user engagement, retention rates, and conversion.
\nIf you wish to witness the future of CIAM and how it works for your business, schedule a free personalized demo today!
\n
Identity is evolving, and developers are at the forefront of this transformation. Every day brings a new learning—adapting to new standards and refining approaches to building secure, seamless experiences.
\nWe’re here to support developers on that journey. We know how important simplicity, efficiency, and well-structured documentation are when working with identity and access management solutions. That’s why we’ve redesigned the LoginRadius website—to be faster, more intuitive, and developer-first in every way.
\nThe goal? Having them spend less time searching and more time building.
\nLoginRadius’ vision is to give developers a product that simplifies identity management so they can focus on building, deploying, and scaling their applications. To enhance this experience, we’ve spent the last few months redesigning our interface— making navigation more intuitive and reassuring that essential resources are easily accessible.
\nHere’s a closer look at what’s new and why it’s important:
\n![\"This](\"/f46881583c7518a93bb24e94c32320de/a-developer-friendly-dark-theme.webp\")
Developers spend long hours working in dark-themed IDEs and terminals, so we’ve designed the LoginRadius experience to be developer-friendly and align with that preference.
\nThe new dark mode reduces eye strain, enhances readability, and provides a seamless transition between a coding environment and our platform. Our new design features a clean, modern aesthetic with a consistent color scheme and Barlow typography, ensuring better readability. High-quality graphics and icons are thoughtfully placed to enhance the content without adding visual clutter.
\nSo, whether you’re navigating our API docs or configuring authentication into your system, our improved interface will make those extended development hours more comfortable and efficient.
\n![\"This](\"/e5358b82be414940f3fb146013845933/capabilities.webp\")
We’ve restructured our website to provide a straightforward breakdown of our customer identity and access management platform capabilities, helping you quickly find what you need:
\nThis structured layout ensures you can quickly understand each capability and how it integrates into your identity ecosystem.
\n![\"This](\"/a8c155c2b6faf3d5f4b4de4e2b14d763/developers-menu.webp\")
We’ve been analyzing developer workflows to identify how you access key resources. That’s why we redesigned our navigation with one goal in mind: to reduce clicks and make essential resources readily available.
\nThe new LoginRadius structure puts APIs, SDKs, and integration guides right at the menu bar under the Developers dropdown so you can get started faster. Our Products, Solutions, and Customer Services are also clearly categorized, helping development teams quickly find the right tools and make informed decisions.
\n![\"This](\"/b2f9a964a2da0ea83e2f8596b833bba7/we-support-your-tech-stack.webp\")
Developers now have a clear view of the tech stack available with LoginRadius, designed to support diverse business needs.
\nOur platform offers pre-built SDKs for Node.js, Python, Java, and more, making CIAM integration seamless across popular programming languages and frameworks.
\nCheck out our revamped LoginRadius website and see how the improved experience makes it easier to build, scale, and secure your applications.
\nDo not forget to explore the improved navigation and API documentation, and get started with our free trial today. We’re excited to see what you’ll build with LoginRadius!
\n","frontmatter":{"date":"February 21, 2025","updated_date":null,"description":"LoginRadius’ vision is to give developers a product that simplifies identity management so they can focus on building, deploying, and scaling their applications. To enhance this experience, we’ve redesigned our website interface, making navigation more intuitive and reassuring that essential resources are easily accessible.","title":"Revamped & Ready: Introducing the New Developer-First LoginRadius Website","tags":["Developer tools","API","Identity Management","User Authentication"],"pinned":true,"coverImage":{"childImageSharp":{"fluid":{"aspectRatio":1.7857142857142858,"src":"/static/80b4e4fbe176a10a327d273504607f32/58556/hero-section.webp","srcSet":"/static/80b4e4fbe176a10a327d273504607f32/61e93/hero-section.webp 200w,\n/static/80b4e4fbe176a10a327d273504607f32/1f5c5/hero-section.webp 400w,\n/static/80b4e4fbe176a10a327d273504607f32/58556/hero-section.webp 800w,\n/static/80b4e4fbe176a10a327d273504607f32/99238/hero-section.webp 1200w,\n/static/80b4e4fbe176a10a327d273504607f32/7c22d/hero-section.webp 1600w,\n/static/80b4e4fbe176a10a327d273504607f32/1258b/hero-section.webp 2732w","sizes":"(max-width: 800px) 100vw, 800px"}}},"author":{"id":"Rakesh Soni","github":"oyesoni","avatar":"rakesh-soni.webp"}}}},"pageContext":{"limit":6,"skip":264,"currentPage":45,"type":"///","numPages":164,"pinned":"ee8a4479-3471-53b1-bf62-d0d8dc3faaeb"}},"staticQueryHashes":["1171199041","1384082988","2100481360","23180105","528864852"]}