Join IDSA
Join IDSA

Tag Archives: identity security

  1. 5 Reasons Disconnected Apps Are An Enterprise Risk You Can No Longer Ignore

    September 30th, 2025 by Paul Hunter | Posted in Best Practices, News, Perspective, Research |

    Tags: , , , ,

    Companies of every size depend on Identity and Access Management (IAM), Identity Governance and Administration (IGA), and Privileged Access Management (PAM) to secure logins, enforce policies, and meet compliance requirements. These platforms are the backbone of modern identity security. But there’s a problem: they can only secure what they connect to. The apps that don’t…

  2. Identity Blind Spots on the Network Layer

    September 25th, 2025 by Paul Hunter | Posted in Perspective, Research, Security Outcomes |

    Tags: , , , , , , , , , , , ,

    Webinar Title: Zero Trust Falls Short Without Network Identity: Lessons from Salt Typhoon Date: October 1, 2025 Registration: Save your spot here Abstract Identity for users, applications, servers, and cloud has matured. Network devices are often the exception. Shared device accounts, SSH key sprawl, limited per-command authorization, and weak session evidence create a gap that…

  3. Salt Typhoon: How Network Admin Paths Became Attack Paths

    September 23rd, 2025 by Paul Hunter | Posted in News, Perspective, Security Outcomes |

    Tags: , , , , , , , , ,

    Webinar Title: Zero Trust Falls Short Without Network Identity: Lessons from Salt Typhoon Date: October 1, 2025 Registration: Save your spot here Abstract Salt Typhoon highlights how valid credentials and built in tools can turn network administration into an attacker highway. This post walks a likely attack chain in plain language and shows where identity…

  4. Do Your CI/CD Pipelines Need Identities? Yes.

    September 4th, 2025 by Paul Hunter | Posted in Best Practices, Perspective, Research, Security Outcomes |

    Tags: , , , , , ,

    If one principal can do anything, one mistake can undo everything. I’ve read too many incident reviews where the “automation user” turned out to be the attacker’s best friend. One token. All the doors. Code, artifacts, production. We built CI/CD to go fast. We accidentally made it the fastest path to a breach. Just like…

  5. How Convergent Identity-Based Security Reduces Risk, Increases Efficiency

    August 26th, 2025 by Paul Hunter | Posted in Best Practices, News, Perspective, Research |

    Tags: , , , , ,

    This blog was originally published by Bravura Security here.   In an era where 80% of data breaches involve compromised credentials and privilege escalation, traditional identity and access management (IAM) and privileged access management solutions (PAM) solutions are falling behind. While organizations have invested millions in layered implementations rooted in traditional enterprise approaches, these solutions…

  6. Why Identity Security Should Be the Basis of Modern Cybersecurity

    April 8th, 2024 by Vaughn-Shane Camarda | Posted in Perspective |

    Tags:

    This article was originally published by BeyondTrust. You can view the article here. An Interview with the Authors of the latest book in the Attack Vector series, Morey J. Haber, Chief Security Advisor, BeyondTrust, and Darran Rolls, Identity, Security, Privacy & Compliance Advocate. It is easier for a threat actor to log in versus hack…

  7. Workforce Identity Security Best Practices: The Essential Role of Unified Identity Protection

    March 27th, 2024 by Vaughn-Shane Camarda | Posted in Best Practices |

    Tags: , ,

    This article was originally published by BeyondTrust. You can view the article here. In any corporate environment, every worker needs access to multiple systems from day one (Active Directory, Okta, HR applications, Salesforce, finance tools—the list goes on and on). Those already numerous accounts—and privileges—then accumulate over time (privilege creep) as that employee changes roles…

Background

READY TO MAKE AN IMPACT?

Let's work together to help everyone become more secure.
Join the IDSA