Identity and Access Management (IAM) platforms are necessary to consolidate and centrally manage user information. However, the enforcement of user access control during run time is where most IAM platforms fall short of being able to thwart attack and mitigate compromise.
Identity-based compromises are almost weekly news headlines and many of the breaches have common characteristic of the underlying architecture that makes these environments susceptible. The methods and technologies that are used to achieve policy enforcement are not designed with cybersecurity in mind, and thus are not secure.
- The security challenges of modern identity-based software
- Principles of data security and identity access control
- How to harden the Policy Enforcement Points (PEPs) in your identity infrastructure
- How to create a cyber-hardened solution leveraging API security gateway technology