Skip to main content
Vol. I · No. 1

The Identity at the Core

The Definitive Chronicle of Identity & Access Management

Breach: BREACH: Major healthcare provider confirms 2.3M patient records exposed via misconfigured SCIM endpointVulnerability: CVE-2026-31847: Critical RCE in FortiAuthenticator — CVSS 9.8 — Patch immediatelyBreach: BREACH: European fintech platform leaks OAuth tokens affecting 890K usersAdvisory: ADVISORY: CISA warns of active exploitation of SAML implementation flaws in enterprise SSO productsBreach: BREACH: Major healthcare provider confirms 2.3M patient records exposed via misconfigured SCIM endpointVulnerability: CVE-2026-31847: Critical RCE in FortiAuthenticator — CVSS 9.8 — Patch immediatelyBreach: BREACH: European fintech platform leaks OAuth tokens affecting 890K usersAdvisory: ADVISORY: CISA warns of active exploitation of SAML implementation flaws in enterprise SSO products

BREACH: Major healthcare provider confirms 2.3M patient records exposed via misconfigured SCIM endpoint

CVE-2026-31847: Critical RCE in FortiAuthenticator — CVSS 9.8 — Patch immediately

BREACH: European fintech platform leaks OAuth tokens affecting 890K users

Legal

Terms of Service

Last updated: May 5, 2026

These Terms of Service ("Terms") govern your access to and use of Identity at the Core ("the Publication", "we", or "us"), operated by Paulo Valadares. By accessing or using the site, you agree to be bound by these Terms. If you do not agree, please do not use the service.

1. Eligibility

You must be at least 16 years old to create an account or submit content. By registering, you represent that the information you provide is accurate and that you have the authority to enter into these Terms.

2. Accounts and Security

3. Acceptable Use

You agree not to:

We may remove content and suspend accounts that violate this section without notice.

4. Content

Our content

All editorial content, articles, designs, code, logos, and other materials produced by Identity at the Core are protected by copyright and other intellectual property laws. You may read, share, and quote excerpts with attribution and a link back to the original article. You may not republish full articles without written permission.

Your content

You retain ownership of content you submit (questions, comments, guest columns, profile information). By submitting content, you grant us a non-exclusive, worldwide, royalty-free license to host, display, and distribute it on the Publication and related channels (e.g., the newsletter or social media). You represent that you have the right to grant this license.

Guest columns and partner content

Guest columns and partner content are published with editorial review and clearly labeled. The opinions expressed are those of the contributing authors and do not necessarily represent those of Identity at the Core.

5. Donations and Tools

Donations are voluntary contributions processed by Stripe. Donations are non-refundable except where required by law. Some tools in the IAM Toolkit are gated behind a minimum donation; access to those tools is granted upon successful payment.

6. Intelligence Feeds and Information Accuracy

Breach reports, vulnerability alerts, and other intelligence feeds are provided for informational purposes only and may be sourced from third-party providers (including the National Vulnerability Database). We work to keep this information accurate and timely, but we make no warranty as to completeness or correctness. Do not rely on the Publication as a sole source for security decisions.

7. Third-Party Links and Services

The Publication may link to third-party websites, services, or tools. We do not control and are not responsible for the content, privacy practices, or security of those third parties.

8. Disclaimer of Warranties

The service is provided "as is" and "as available" without warranties of any kind, express or implied, including warranties of merchantability, fitness for a particular purpose, or non-infringement. We do not warrant that the service will be uninterrupted, error-free, or secure.

9. Limitation of Liability

To the fullest extent permitted by law, Identity at the Core and its operator shall not be liable for any indirect, incidental, special, consequential, or punitive damages, or any loss of profits or revenues, arising out of or in connection with your use of the service. Our total liability for any claim arising out of these Terms shall not exceed the greater of CAD $100 or the amount you have paid us in the past 12 months.

10. Indemnification

You agree to indemnify and hold harmless Identity at the Core and its operator from any claim or demand, including reasonable attorneys' fees, arising out of your use of the service, your violation of these Terms, or your violation of any third-party right.

11. Termination

You may delete your account at any time. We may suspend or terminate your access at our discretion if you violate these Terms or engage in conduct we reasonably believe harms the service or other users. Upon termination, sections 4 (Content), 8 (Disclaimer), 9 (Limitation of Liability), and 10 (Indemnification) survive.

12. Governing Law

These Terms are governed by the laws of the Province of Ontario, Canada, without regard to conflict-of-laws principles. Disputes shall be resolved exclusively in the courts located in Toronto, Ontario, unless applicable consumer-protection law permits otherwise.

13. Changes to These Terms

We may update these Terms from time to time. Material changes will be announced via the newsletter and a banner on the site. Continued use after the effective date of revised Terms constitutes acceptance.

14. Contact

Questions? Email legal@identityatcore.org.

See also our Privacy Policy.

site:terms | Identity at the Core