TechcrunchSecurity: AuthMind raises seed funding for its identity SecOps platform https://techcrunch.com/2023/09/12/authmind-raises-seed-funding-for-its-identity-secops-platform/ #identitysecurity #securitystartups #identitysecops #seedfunding #Security #Startups #AuthMind #maryland #security

Tip: Ensure the security of your identities and prevent unauthorized access with Microsoft Defender for Identity. Detect advanced attacks and insider threats across on-premises and cloud environments. Make sure your Domain Controllers are running the latest agent! #IdentitySecurity #MicrosoftDefender

Why is Identity Security Awareness Becoming the Need of the Hour? - Customer identity security is essential to running a business in the digital age. ... - https://readwrite.com/why-is-identity-security-awareness-becoming-the-need-of-the-hour/ #multifactorauthentication #securityawareness #identitysecurity #dataandsecurity #digitalidentity #strongpasswords

Arrived at Gartner IAM a tad early, armed now with a coffee and having a wander before it gets busy

#gartneriam #identity #identitysecurity

First trip to the Garner IAM Conference in London next week, really looking forward to a proper Identity geek out couple of days. Usual format with multiple tracks so hoping they are recording the sessions for those you always miss.

Not to prep for information overload!

#identity #identitysecurity #gartneriam

The Locksmith Active Directory (AD) Certificate Services (CS) remediation tool has been updated: https://github.com/TrimarcJake/Locksmith

New features:
- Support for Restricted Admin Mode. If RAM is detected, Locksmith will ask to be re-run using the -Credential switch.
- If the AD Powershell module is not installed on Win 10/11, Locksmith will attempt to install it for you.
Note: previously only available on server-class OSes.
- New functions for checking user type and elevation status.
- Auto-generated snippets for ownership issues (a subset of ESC4/ESC5).
- Support for non-English Active Directory evironments!

Next planned updates:
- Add individual CA Hosts to $SafeUsers using SIDs.
- Perform additional environment checks before attempting to run.
- Rename modes to something that makes sense.

#IAM #IdentitySecurity #CertificateServices #ActiveDirectory #ActiveDirectoryCertificateServices #ADCS #PKI #Locksmith #OpenSource #DefensiveSecurity #DefensiveSecurityTooling #Pizza

Trying to find a hotel in London that fits the company policy and ensures it is easy to get to 3 different places around the city in 4 days.

Oh and it needs limit the number of changes I need to make on the Tube in rush hour. 😉 Small city person in the big city

#journeyplanning #gartneriam #identitysecurity

Nested groups and inherited access is the bane of my life

#identitysecurity

It is interesting to see the varied responses from different countries when you advise you are changing the type of MFA we are using. Surprised how even use of an Authenticator app can generate such noise.

#infosec #identitysecurity #mfa

Been sent a proposal on a compensating control for a scenario which on face value seems ok but I just don’t feel comfortable with it in principle. Suspect it will sound irrational when I have to discuss it later but all of the conversations in the last week about it in various forums tell me I can’t support it.

I like to think I’m all about finding solutions to enable progress but I can’t ignore that feeling in my gut.

#dilemma #infosec #identitysecurity

Interesting start to the week, meetings in the diary now to start talking about controls, governance etc on use of AI following Microsoft’s announcement of Teams Premium

#artificialintelligence #ai #identitysecurity

Ever heard of an SEtP? A Super Exception to Process, nope, neither have I but it’s a thing apparently 😳

#infosec #identitysecurity

Seems today is all risk and compliance for me. A morning of discussions on Privileged Access risk followed by a number of sessions lined up for the afternoon related to ISO27001 audits of a number of our IAM processes.

Rock and roll 🤘🏻🤘🏻

#identitysecurity #identity #risk

Interesting conversation with an Identity vendor this morning covering their new capabilities. Most companies I have worked for are years away of leveraging anything new and are at the stage of maturity where consistently meeting the bare requirements is the priority. This won’t really change until Auditors and Regulators ask the right questions consistently outside of the Banking world. It almost feels like a different tier of assessors.

#identitysecurity #audit #infosec

My partners in crime helping me remain sane through a Zero Trust Steerco

#meetinglife #identitysecurity #dogsofmastodon

Prepare yourself for a paradigm shift! Passwordless is more or less here.

For me the big question will be how multi-device authentication actually will work in real life - having devices running mac, windows, linux and iOS.

“There’s no password attacks when there’s no password present,” Alex Weinert, Microsoft’s director of identity security.

https://w3c.social/@w3c/109710664595471515

#password #passwordless #passkeys #security #mfa #fido #WebAuthn #identitysecurity #identitymanagement

Few hours discussing our journey to a Passwordless world with Microsoft. Many different paths we can take with a broad set of dependancies but a great conversation

#identity #identitysecurity

It's on: @sailpoint acquires @seczetta to increase third party #identitysecurity

https://www.businesswire.com/news/home/20230112005739/en/SailPoint-Acquires-SecZetta-to-Provide-Comprehensive-Identity-Security-for-Non-Employee-Identities

As many are at this time of the year I am putting in place the last pieces of my plan for 2023. Whilst it contains all of the usual outcomes relating to technology, risk/audit, service focus etc I have spent a significant amount of time considering whether the plan is conducive to maintaining positive wellbeing across my teams.

Whilst the subject of wellbeing is broad it comes down to something simple for me on whether I am creating the right environment for people to thrive, be themselves and be successful. Creating an immediate burden for them with unrealistic goals to help tick performance boxes at the end of the year should never cross any leaders mind.

Something for us all to think about as we start 2023.

#mentalhealth #wellbeing #people #cybersecurity #identitysecurity

https://hrnews.co.uk/why-a-new-approach-to-workplace-mental-health-is-needed-for-2023/

Thankfully we still don’t need to worry about anyone hacking Zero Trust architecture for another year 🥳😳😉
#identitysecurity #identity #zerotrust
https://www.theedgemarkets.com/article/sharpen-your-2023-vision-time-make-identity-security-your-priority