Access Management


Operation panopticon: How a weak IAM strategy led to the security camera hack across organizations

On March 9, 2021, Verkada, a software company that specializes in making security cameras for monitoring physical access control, was subject to a security hack. Hackers gained access to the video feed of at least 15 thousand cameras deployed across various locations and exposed the inner workings of hospitals, clinics, and mental health institutions; banks; police departments; prisons; schools; and companies like Tesla and Cloudflare.


IAM Policies: Good, Bad & Ugly

In my last post we looked at the structure of AWS IAM policies and looked at an example of a policy that was too broad. Let's look at a few more examples to explore how broad permissions can lead to security concerns. By far the most common form of broad permissions occurs when policies are scoped to a service but not to specific actions.


Five Ways Identity and Access Management (IAM) Cuts the Cost of Unemployment Insurance Fraud

Recent web searches show the massive volume of unemployment insurance fraud occurring across the United States. The increase in unemployment claims due to job losses stemming from the COVID-19 pandemic, coupled with aging IT systems, have led to an increase in identity theft, fraud, and loss of federal tax dollars. The State of Rhode Island estimates 43% of its unemployment claims in the past year may be fraudulent. California lost over $11 billion dollars to fraud in the past year.


AWS IAM Privilege Escalation - Threat Research Release March 2021

The Splunk Threat Research Team recently developed an analytic story to help security operations center (SOC) analysts detect adversaries attempting to escalate their privileges and gain elevated access to Amazon Web Services (AWS) resources. In this blog, we’ll walk you through an AWS privilege escalation analytic story, demonstrate how we simulated these attacks using Atomic Red Team, collect and analyze the AWS cloudtrail logs, and highlight a few detections from the March 2021 releases.


IAM Policy Basics and Best Practices

One of the most powerful aspects of AWS is their Identity and Access Management (IAM) service. The obvious aspect of its power is that it controls who can do what with all the resources inside your AWS account. But the non-obvious side is how configurable it is. You can encode permissions that are so finely grained that a Lambda Function could, for example, be given just enough permissions to be able to read one attribute from one record for the current user of a DynamoDB Table.


Identity and Access Management vs Password Managers: What's the Difference?

Identity and access management best practices dictate that an organization provide one digital identity per individual. That identity can be maintained, monitored, and modified as needed while the user works on different projects and in different roles. However, strong IAM requires the use of tools and platforms, in addition to the principle of least privilege, to keep valuable information secure. [Read: 5 Identity and Access Management Best Practices]


Five Key Identity Governance Features That Your Identity and Access Management Solution Does NOT Support

Since the start of the COVID-19 pandemic, identity management has taken center stage as the key enterprise security practice for enabling remote workforces while protecting company data and IT services.


IAM 101 Series: What Is Hybrid IAM?

Cloud identity and access management (IAM) is a fast-growing trend that is predicted to extend well into the future. For example, Verified Market Research alone projects that, by 2027, the market for cloud IAM will be more than $14 billion. Yet, while the cloud-based IAM market is exploding, the reality is not all roses. In our last IAM 101 post, What are Hybrid IT and Hybrid Cloud?, we discussed the differences, benefits, and disadvantages of hybrid IT and hybrid cloud.


IAM 101 Series: What are Hybrid IT and Hybrid Cloud?

Organizations are rapidly adopting hybrid IT and hybrid cloud architectures. In fact, Gartner predicts that spending on public cloud services in 2021 will total more than $304 billion. And, as it pertains to identity and access management (IAM), Verified Market Research projects that, by 2027, the market for cloud-based IAM will be more than $14 billion.


How to prevent supply chain attacks by securing PAM

The SolarWinds supply chain attack against the US Government was the largest and most sophisticated breach in history. A post mortem operation is still underway and with every stage of its progression, cybersecurity experts become increasingly flabbergasted at the INNOVATIVE complexity of the techniques used. But despite nation-state's efforts to conceal their tactics, they left some highly-valuable clues about their methods that could be leveraged to sharpen supply chain attack defenses.