Identity telemetry, Oracle SNAFU,and back on the road.

The 102nd Edition of the Identity Jedi Newsletter

Author

David Lee
April 02, 2025

In Partnership With

Wondering how to tackle CIAM in 2025? Don’t worry, Descope has got your back; in fact, they’ve got an entire webinar on just that topic. I’m a huge fan of the team over at Descope; they’ve built a great product that is easy to use and really puts the fun back in development. ( Yeah, you read that right!) Happy to have them as a partner! Show them love and check out their webinar on CIAM here

Hey Jedi welcome to the 102nd edition of the Identity Jedi Newsletter. Shout out to our partners at Descope for sponsoring this week’s edition! Had a chance to hang out with their team in Chicago and hear all about fine-grained authorization! It was a great time. Show them some love this week and check our their webinar on CIAM.

In this week's newsletter, we break down a piece by Darran Rolls, Oracle’s having themselves a time, and CISOs learning how to use identity to advance zero trust.

Let’s get to the GOOD STUFF!

This week's edition

Identity is your best friend.

It always has been, but I digress. I would love to see more security leaders start welcoming the world of identity into their programs.

How CISOs can use identity to advance zero trust

This post aims to provide security leaders with the essential insights needed to actively engage in identity-related architecture and strategy decisions.

www.csoonline.com/article/3951888/how-cisos-can-use-identity-to-advance-zero-trust.html

Ummm…say what now?

Some troubling times for our pals, the Big O. Recent news of a data breach has Oracle doing the Spiderman meme.

Oracle buried serious data breach from customers, now hacker has it up for sale

Earlier this month, a threat actor going by Rose87168 claimed to have breached Oracle Cloud's federated SSO servers and exfiltrated around 6 million records, affecting over 144,000...

www.techspot.com/news/107362-oracle-hid-serious-data-breach-customers-now-hacker.html

Leovici Brand Ambassador

Love the gear from Leovici! My favorite so far are these athletic joggers. Great for a workout, or just comfortably lounging around the house. Recently rocked these as my airport gear and I loved it. Soft feel, with a great fit. And of course as a subscriber I’ve got discounts for you.

Use code: IDENTIYJEDI to get 15% off!

This Week in Identity: Bringing Observability to the Forefront

This week’s pick is a must-read from my longtime friend and mentor, Darran Rolls: “Bringing Observability to the Forefront of IAM” over at Identity Innovation Labs. Darran and I go way back, and if you’ve ever had the chance to hear him speak or read his work, you already know he doesn’t just ride the wave—he shapes the tide. This blog is no exception.

The core premise is something I wholeheartedly agree with: you can’t manage what you can’t see. That’s not just a catchy phrase—it’s the quiet truth that haunts many IAM programs. We’ve built our identity ecosystems assuming we had visibility, but in reality, most programs are flying blind in key areas. Darran lays it out beautifully using a play on the Johari Window—coining what he calls the Identi-hari Window—to categorize the “known knowns,” “known unknowns,” and more ominously, the “unknown unknowns” in identity.

Let me pause and say this: if you lead or support any kind of IAM initiative and you haven’t asked yourself, “What identity activity am I not seeing?”—now is the time.

What I love about this post is how it moves the conversation beyond ITDR. It’s not just about detecting threats; it’s about enabling identity observability across the board. And Darran makes a strong case for adopting OpenTelemetry—something that’s traditionally been the domain of app performance and DevOps—and bringing it into the world of IAM. The idea of retrofitting telemetry into legacy and cloud identity systems without breaking the app? That’s the kind of practical innovation IAM needs.

But it’s not just the tech that excites me—it’s the why. Darran’s vision is about building a more honest, transparent view of identity activity. The kind of visibility that lets you see the service account quietly elevating privileges, or the orphaned SaaS integration still authenticating months after a project sunset. That’s what modern IAM demands.

One question I kept coming back to as I read this: Where do Shared Signals fit into this story? For those not familiar, Shared Signals and Events (SSE) is an open standard for exchanging identity and security event data between systems. It feels like a natural partner to the observability approach—especially when you’re trying to close visibility gaps across federated identity systems, or react to real-time trust decisions. Could SSE act as a kind of telemetry amplifier? I’d love to hear Darran’s thoughts on that (and you better believe I’ll be texting him after I hit publish on this).

Bottom line: this blog is a reminder that identity isn’t just about granting access—it’s about seeing the whole picture. And as we head into a future filled with AI-driven behavior analysis and real-time access decisions, observability may be the superpower we didn’t know we needed.

✊🏾 Stay curious,

SHARED INTEL Q&A: Forrester’s Geoff Cairns on why IAM is overdue for a fundamental reset

Identity and Access Management (IAM) is no longer just about keeping the wrong people out—it’s about ensuring the right people, machines, and AI-driven agents can securely operate in an increasingly complex digital world. Related: How IAM can be … (more…) The post SHARED INTEL Q&A: Forrester’s Geoff Cairns on why IAM is overdue for a fundamental reset first appeared on The Last Watchdog.

securityboulevard.com/2025/04/shared-intel-qa-forresters-geoff-cairns-on-why-iam-is-overdue-for-a-fundamental-reset/?utm_source=rss&utm_medium=rss&utm_campaign=shared-intel-qa-forresters-geoff-cairns-on-why-iam-is-overdue-for-a-fundamental-reset

Why Active Directory’s 25-Year Legacy Is a Security Issue

From weak service account passwords to sync gaps with cloud platforms, Active Directory’s age is showing. Semperis CEO Mickey Bresman says organizations still

www.govinfosecurity.com/active-directorys-25-year-legacy-security-issue-a-27898

The urgent reality of machine identity security in 2025

Here, we’ll explore the growth of machine identities, the associated risks, and the strategies organizations can adopt to help mitigate these challenges.

www.csoonline.com/article/3951921/the-urgent-reality-of-machine-identity-security-in-2025.html

#341 - Alternative Realities and Dimensions of IAM in 2025

Identity at the Center · Episode

open.spotify.com/episode/6W91C9nQz6QJ58ooyD6WXW?si=a95be89e9a184096

This Security Control Is So Good We Don’t Even Have to Turn It On (LIVE in Clearwater, FL)

CISO Series Podcast · Episode

open.spotify.com/episode/4oNUsWe5FvjZZCsSUQt9Xy?si=19afdabc037747b2

The Identity Jedi Universe

Powered by OnTheCornerMedia

Identity Jedi Show Podcast

Wait I’m In Charge? Micro Podcast

Identity Jedi Show Podcast

Leadership Newsletter

The Last Word

It’s been a crazy week! But I’ve loved being back on the road and talking with customers. It’s inspired some great content I’ll be putting together over the next couple of weeks, and gets me even more excited to get back out there and help people tackle their identity challenges. From conversations around app onboarding to how to level up your identity program, it was invigorating to be having some valuable conversations. It never works when you do what you love , until next time.

Be Good to each other, Be Kind to each other, Love each other

-Identity Jedi

What did you think of this weeks newsletter?

Login or Subscribe to participate in polls.

Reply

or to participate.

© 2025 Identity Jedi Newsletter.

Privacy Policy

Terms of Use

Powered by beehiiv