<img src="https://ws.zoominfo.com/pixel/6169bf9791429100154fc0a2" width="1" height="1" style="display: none;">
Curious about how StrongDM works? 🤔 Learn more here!
Search
Close icon
Search bar icon
Search
Close icon
Search bar icon
John Martinez

John Martinez

Technical Evangelist, has had a long 30+ year career in systems engineering and architecture, but has spent the last 13+ years working on the Cloud, and specifically, Cloud Security. He's currently the Technical Evangelist at StrongDM, taking the message of Zero Trust Privileged Access Management (PAM) to the world. As a practitioner, he architected and created cloud automation, DevOps, and security and compliance solutions at Netflix and Adobe. He worked closely with customers at Evident.io, where he was telling the world about how cloud security should be done at conferences, meetups and customer sessions. Before coming to StrongDM, he lead an innovations and solutions team at Palo Alto Networks, working across many of the company's security products.

StrongDM has been featured in Forbes, The New Stack, VentureBeat, DevOps.com, TechCrunch, and Fortune.

Expertise

Security, DevOps, Access, Authentication, Identity and Access Management, Observability, Auditing, Zero Trust, Compliance, Compare

Latest blog posts from John

How to Prevent SQL Injection Attacks: 6 Proven Methods
How to Prevent SQL Injection Attacks: 6 Proven Methods
SQL injection attacks remain one of the most prevalent and dangerous threats to database security. These attacks can compromise sensitive data, disrupt operations, and cause significant financial and reputational damage. Understanding how to prevent SQL injection attacks will help you foster a security-conscious organizational culture.
How To Monitor and Securely Access IoT Devices Remotely
How To Monitor and Securely Access IoT Devices Remotely
Internet of Things (IoT) devices form the backbone of many modern businesses, facilitating operations, collecting valuable data, and enhancing efficiency. However, the widespread deployment of these devices creates numerous entry points for potential attackers. Without robust security measures, you risk exposing critical systems and sensitive information to malicious actors.
What Is Defense In Depth (DiD)? Strategy & Implementation
What Is Defense In Depth (DiD)? Strategy & Implementation
Traditional security measures like simple virus protection, firewalls, and web and email filtering are no longer sufficient to safeguard against the sophisticated tactics used by modern cybercriminals. This heightened complexity means you must implement advanced defense mechanisms that go beyond basic protections, ensuring a resilient and adaptive cybersecurity posture.
MFA Fatigue Attack: Meaning, Types, Examples, and More
MFA Fatigue Attack: Meaning, Types, Examples, and More
This article investigates MFA fatigue attacks. We'll explain how they work, why they're effective, and who they typically target. We'll also provide real-life examples to help your team detect and prevent these threats. You'll leave with a clear understanding of MFA fatigue attacks and tips on how to shore up your cloud security to defend against them.
7 Reasons for Enterprises to Adopt Multi-Factor Authentication (MFA)
7 Reasons for Enterprises to Adopt Multi-Factor Authentication (MFA)
The world we operate in today is far different than it was even a couple years ago. More employees work from remote locations (as of late 2023, more than 12% of U.S. workers are fully remote), and more companies engage the services of freelancers and other outside workers. Organizations must recognize that the traditional physical boundaries no longer apply. They now need to secure a vast array of devices used by employees spread across various locations.
The Importance of Multi-Factor Authentication (How It Works)
The Importance of Multi-Factor Authentication (How It Works)
Getting users' passwords isn’t really that hard anymore. In fact, bad actors employ advanced technology that allows them to snowshoe (test billions of password combinations per second), rendering 90% of user-generated passwords susceptible to attacks. MFA significantly enhances security by requiring a second piece of information to verify a user’s identity. The additional 20 seconds a user spends receiving a code via SMS provides a level of protection that a password alone cannot offer.
What Is User Provisioning? How It Works, Best Practices & More
What Is User Provisioning? How It Works, Best Practices & More
User provisioning is the process of managing user access within an enterprise. It involves creating, managing, and deprovisioning user accounts and access rights across various systems and applications. This includes setting up accounts, assigning roles and permissions, and managing identities.
Audit Logging: Examples, Best Practices, and More
Audit Logging: Examples, Best Practices, and More
Audit logging is essential for maintaining a secure and compliant IT infrastructure. By capturing detailed records of system activities, audit logs provide insights into user actions, system events, and potential security threats. Understanding audit logging helps you identify and address vulnerabilities, ensure regulatory compliance, and enhance overall system integrity.
Zero Trust vs. VPN: What Solution Is Right for You?
Zero Trust vs. VPN: What Solution Is Right for You?
Understanding the core differences between a Zero Trust architecture and a Virtual Private Network (VPN) is an important step in shaping your organization’s cybersecurity strategy. Zero Trust and VPNs offer distinct approaches to security; knowing their functionalities and security philosophies helps you understand when to select one or the other to protect your data effectively—a strategic necessity for robust cybersecurity.
NSA Zero Trust Maturity Guidance Explained (TL;DR Version)
NSA Zero Trust Maturity Guidance Explained (TL;DR Version)
StrongDM is pleased to see that, in April 2024, the National Security Agency of the United States, has released a Cybersecurity Information (CSI) sheet that recommends why and how organizations, public and private, should adopt the Zero Trust (ZT) security model for their data tier of infrastructure. At the core of the recommendations, an organization needs to know what data it possesses, how that data is being accessed, and how to control access to that data.
9 User Authentication Methods to Stay Secure in 2024
9 User Authentication Methods to Stay Secure in 2024
User authentication plays an essential role in securing networks and ensuring that only authorized users can access sensitive data. As our infrastructure transitions from traditional on-premises setups to cloud and hybrid environments, our authentication methods must continue evolving.
Cybersecurity Audit: The Ultimate Guide for 2024
Cybersecurity Audit: The Ultimate Guide for 2024
A cybersecurity audit is a comprehensive assessment of your organization's information systems, networks, and processes that identify vulnerabilities and weaknesses that cybercriminals could exploit. The audit also evaluates the effectiveness of your security controls, policies, and procedures and determines if they align with industry best practices and compliance standards.
Top 9 Zero Trust Security Solutions in 2024
Top 9 Zero Trust Security Solutions in 2024
Zero trust is a security and authentication model that eliminates the assumption of trust and shifts the focus from a traditional security parameter, like a VPN or firewall, to the individual user. Nearly all (92 percent) cybersecurity professionals agree that it’s the best network security approach that exists. In this article, we’ll evaluate the top nine zero trust solutions and help you decide which is right for your organization.
StrongDM vs. AWS SSM Session Manager: Side-by-Side Comparison
StrongDM vs. AWS SSM Session Manager: Side-by-Side Comparison
Both AWS Systems Manager (SSM) Session Manager and StrongDM are solutions for gaining remote access to critical infrastructure. Yet, while they share some of the same capabilities required of an enterprise access management platform, the execution and the ultimate goals they accomplish for security and compliance teams are very different.
StrongDM app UI showing available infrastructure resources
Connect your first server or database, without any agents, in 5 minutes.
Try it free