The 47th Edition of the Identity Jedi Newsletter

BeyondTrust

It’s getting real in these IAM streets. I like this move from BeyondTrust, and integrated platform built around a PAM solution gives a distinct advantage of already being familiar with things like discovery, and light threat detection. It will be interesting to see how well the product works with others, and how well they work with modern architectures and cloud apps.

TLDR of the article:

BeyondTrust has released its Identity Security Insights solution, which aims to provide unparalleled levels of identity and access security. The solution offers a unified view of identities, accounts, and privileged access across multiple environments, with analytics and intelligence providing real-time visualization of potential threats and attack paths. Early adopters have been able to detect and remediate security risks quickly, such as unauthorized access to sensitive systems, over-privileged accounts, and undetectable vulnerabilities. The solution's key features include comprehensive identity and access visibility, identity threat detection, reduced identity attack surface, an integrated ecosystem, and a quick start with instant value.

ConductorOne Raises and takes some shots

Ok, so what I love about this is the following quote from the press release about ConductorOne’s raise.

I love it! Probably the closest thing we will see to trash talk in the corporate world..lol. But, being serious for a second. I don’t see the lie in anything they’ve written here. IF I'M BEING NICE, traditional IGA and PAM platforms were built ten years ago. And I can count on zero hands and fingers how many of them have rebuilt their entire stack from the ground up since then. How many companies had ONE cloud infrastructure setup ten years ago, let along the 6 or 7 they have today. The industry is definitely ripe for newcomers to come and and disrupt, but are they just building a better mousetrap or are they truly innovating?

Taking a look at their team and they are led by two former Okta employees. So, that would lead me to believe that they have core beliefs around:

• Cloud first solutions

• Making solutions simpler. ( Point and Click, first build and script)

• Aggressive marketing

27 Million is no small number, and they have a good customer base. Could be a company to watch.

Stack Identity and the Shadow Access Report

Very interesting report coming from the folks over at Stack Identity. We had the term “Shadow IT”, and now I think we’ve renamed it “Shadow Access,” but marketing names aside, the stats coming from this report are chilling.

• Only 4% of identities are human, while the remaining are non-human identities (automatically generated by APIs, cloud workloads, data stores, microservices, and other multi-cloud services)

• 5% of identities in the cloud have admin permissions

• 28% of policies in the cloud have some level of permission management

• 75% of policies used in cloud environments include write permissions

The gist. Cloud accounts are overprivileged, and, a majority of the time, automated.

YIKES.

Gaslighting the Industry

TOMORROW! You don’t want to miss this webinar as I join Aidan Parisian, (FastPath) and Johanna Baum ( S3) and discuss the ins and outs of identity projects. Do they really need to take as long, is there better ways to approach them?

Will the 49ers start Brock Purdy over Trey Lance!?!?!

Only one way to get the answers.

Become a paying subscriber of Identity Jedi Newsletter to get access to this post and other subscriber-only content.

Already a paying subscriber? Sign In