NIST and Zero Trust: What is SP 800-207?
NIST and Zero Trust: In light of the recent hack of the Colonial Pipeline – many are turning to the concept of Zero Trust for
YouAttest vs Spreadsheets for Access Reviews – Top 10 Reasons
YouAttest vs Spreadsheets for Access Reviews – Top 10 Reasons Access Reviews are a crucial part for secure enterprises and for meeting industry required compliances:
Active Directory and the Best Practices for Identity Audits
Created by Microsoft and first released in 2000, Active Directory (AD) has been used to manage users, devices, and other resources for the last two decades
Strengthening Your IAM Program with IGA
Had the privilege of doing a well-received podcast w/ rThreat w/ Daniela Applegate as host, titled Strengthening Your IAM Program with IGA. I gladly accepted the invite to talk on
How Much Time Does an Identity Audit Take?
How much time does an Identity Audit take? Whether they’re done yearly, semiannually, or quarterly, enterprises are required to conduct IT audits. During the audit, the IT
YouAttest: User Access Requests/Approvals – Solved!
Completing the identity governance lifecycle for audits, YouAttest has added User Access Requests/Approvals to its portfolio of solutions for Okta customers. To where we
Privilege Escalation and the Cyber Kill Chain
Many of todays attacks can be explained from understanding privilege escalation and the cyber kill chain. Derived from a military model, the Cyber Kill Chain
What is CCM and Access Governance?
Every day, cyberattacks and data breaches affect organizations around the world. Thousands of tools have been deviced to detect and mitigate these attacks. This is
What is the Role of the IT Audit in SOC Reports?
Developed by the American Institute of Certified Public Accountants (AICPA), Service Organization Control (SOC) reports are independent reports designed to establish a framework for the system-level controls
Who Should be Alerted of Privilege Escalation Events?
Hackers get into our systems for data theft and other reasons. The Cyber Kill Chain identifies privilege escalation as a key step, right after exploitation and before
What is an Access Review and How Does it Relate to Your Identity Audit?
Managing user accounts is essential to maintaining the security and integrity of your company’s data. But what is an access review and how does it
Everything You Should Know About HIPAA Violations
Health was on everyone’s mind in 2020 – which means a lot of passing of medical records! The need for portability isn’t waning – so