The 29th Edition the Identity Jedi Newsletter

Living like it's golden, IAM market heating up, hungover writing is the best

Author

David Lee
March 29, 2023

Wednesday, 3/29/23 - Identity Jedi Newsletter - Subscribe

Hey Jedi welcome to the 29th (GOLDEN) edition of the Identity Jedi Newsletter!

The 29th Edition on the 29th day of March. The day after the greatest day in US History. I mean, it can’t get much better than this!

My apologies to for the late edition today, but I did warn you. Also this gives me a chance to include some news that is breaking today, so that’s always awesome!

Our question for world dominance continues Jedi! Our ranks are growing, and soon, we will fill conferences worldwide with Identity Jedi T-shirts and swag! You don’t want to miss out on this right Jedi. I don’t want you to have FOMO, so hit the link below, share the newsletter let’s get you some referrals, and get you free swag! The Identity Jedi Order is growing!

Events, Announcements, Speaking Gigs

RSA Conference - April 24-27th, San Francisco, CA, Moscone Center - Paving A Path to Identity First

Identiverse - May 29th - June 2nd, Las Vegas, NV ( Aria) - Web3 The Identity Prince That Was Promised. Discount Code: IDV23-SPKR25 ( expires 3/31)

Comments is now LIVE on the Newsletter! Like what you read? Disagree? Gotta a good joke? Drop it in the comments.

Let’s Get to the Good Stuff!

  • IAM Market Heating Up 🥇 

  • Let’s take a trip to the keys..not those keys 🥇 

  • Okta’s back in the news….(I’m sorry) 🥇 

🥇 IAM isn't cutting it 🥇 

I couldn’t have said it better myself. Actually, yes I could, and I have. But alas, we are not here to pontificate on the musings I have made. We are here to talk about the $10 Million dollars that Spera recently raised as seed funding for their IAM platform. But not your traditional IAM platform, no..the new hotness is all about ITDR. ( Identity Threat Detection and Response). In this last year alone, we’ve seen several entrants into this growing space. The message is clear; the current platforms aren’t enough. They are administration tools and not operational tools. I would say I told you so, but I mean, that’s just rubbing it in

Plus, it’s too early to tell how the market will react to this. What does customer growth look like? What are implementation timelines? What measurable impact will customers get from these tools? All questions I’m sure each of these companies feels they have answers too, we just need to seem them in action

IAM isn’t cutting it, Spera raises $10M for a new approach to identity security

Israeli cybersecurity startup Spera announces it has raised $10 million in seed funding for a solution designed to enhance IAM.

venturebeat.com/security/iam-isnt-cutting-it-spera-raises-10m-for-a-new-approach-to-identity-security

🥇 Let’s take a trip to the keys 🥇 

Jedi! READ THIS LINKED ARTICLE!

Seriously, this article does a magnificent job of breaking down why proper IAM controls and usage of those controls are so important and has a direct impact on protecting resources.

This is a breakdown from a red teamer about how we went about gaining access to an AWS environment by hijacking AWS access keys.

For the past two years, I’ve had the idea of hosting an event similar to what’s outlined in the article to bridge security teams and identity teams. Might be time to dust off the mothballs on that one.

NECCDC 2023: Red Team Adventures

Explore our NECCDC 2023 experience to learn about best security practices and tips to protect your own AWS infrastructure from attackers.

hurricanelabs.com/blog/neccdc-2023-red-team-adventures

🥇 Guess who’s back…back again….Okta’s back..tell a friend.🥇 

I promise you I don’t have a vendetta against the good folks at Okta. ( Also, the title above is a reference to an Eminem song. I’ll leave you the exercise of googling to find out which one).

In keeping with the red teaming theme from the previous article, it’s a good look for identity teams to understand how attackers will try to compromise the system they use. In this case, users accidentally type their password into the username field. This can happen to any system to be 1000% fair to Okta. And as organizations look to use more systems and have centralized tools like SIEM products collecting logs, those logs can become a honeypot for would-be attackers to access credentials. The article addresses some ways to prevent this.

The more you know Jedi…

Okta Post-Exploitation Method Exposes User PasswordsOkAccidentally typing a password in the username field of the platform saves them to audit logs, to which threat actors can gain access and use to compromise enterprise services.tawww.darkreading.com/endpoint/okta-post-exploit-method-exposes-user-passwords Post-Exploitation Method Exposes User Passwords

Accidentally typing a password in the username field of the platform saves them to audit logs, to which threat actors can gain access and use to compromise enterprise services.

www.darkreading.com/endpoint/okta-post-exploit-method-exposes-user-passwords

Threat actors are experimenting with QR codes - Help Net Security

QR scan scams trick users into scanning QR codes from their PCs using their mobile devices to take advantage of weaker phishing protection.

www.helpnetsecurity.com/2023/03/21/qr-scan-scams

5 rules to make security user-friendly - Help Net Security

User experience for security should be just as important and as easy as for anything we do, so we need to make security user-friendly.

www.helpnetsecurity.com/2023/03/21/make-security-user-friendly

GitHub's Private RSA SSH Key Mistakenly Exposed in Public Repository

GitHub hastens to replace its RSA SSH host key after an exposure mishap threatens users with man-in-the-middle attacks and organization impersonation.

www.darkreading.com/application-security/github-private-rsa-ssh-key-mistakenly-exposed-public-repository

‎Identity at the Center: #205 - 2023 Gartner US IAM Summit Review on Apple Podcasts

‎Show Identity at the Center, Ep #205 - 2023 Gartner US IAM Summit Review - Mar 27, 2023

podcasts.apple.com/us/podcast/205-2023-gartner-us-iam-summit-review/id1471899975?i=1000606080233

The Last Word

Writing while hungover sucks. Although I powered through it, because it’s Wednesday, it’s the newsletter, and it brings me joy to write about what’s happening in the identity world.

Let's pay attention to the ITDR landscape this year. This niche is the tip of the spear for how identity will evolve into its next iteration. Moving closer to security and having a more security-like feel isn’t a fluke; it’s necessary.

What comes with that is identity practitioners having an understanding of what the broader security landscape looks like. What does it take to investigate a security incident, defend against one, and recover from one? How can IAM systems play a bigger role in that? If you aren’t having these conversations with your identity team today, you 100% need to be. It’s not enough to just say “Hey we provisioned the access the right way”, if you're going say you’re apart of security, then it’s time to be a part of security.

Be Good to each other, Be Kind to each other, Love each other

-Identity Jedi

What did you think of this weeks newsletter?

Login or Subscribe to participate in polls.

The JEDI COUNCIL

The Secret

I will let you in on the MASSIVE secret experienced IAM professionals have kept from you. If you’re a customer, you’re going to be pissed; if you’re a vendor, you might be pissed; and if you’re an implementer, you will absolutely hate me, but nod your head.

Subscribe to Identity Jedi Newsletter to read the rest.

Become a paying subscriber of Identity Jedi Newsletter to get access to this post and other subscriber-only content.

Already a paying subscriber? Sign In

A subscription gets you:
Blogs
Expert Interviews
Expanded Commentary
Early Access to Identity Show content

Join the conversation

or to participate.