Trust is an essential cornerstone in access management. However, not all trust is created equal. When it comes to how you approach access, two types of trust stand out: implicit trust and explicit trust.
Posts by Category:
- Security
- Access
- Auditing
- Policy
- SOC 2
- Privileged Access Management
- Compliance
- Identity and Access Management
- Zero Trust
- Authentication
- DevOps
- Compare
- Team
- Databases
- Integrations
- Product
- Podcasts
- Productivity
- AWS
- ISO 27001
- SSH
- Dynamic Access Management
- Kubernetes
- Observability
- Role-Based Access Control
- Secure Access Service Edge
- Webinars
- Events
- HIPAA
- Engineering
- NIST
- Onboarding
- Passwordless
- Offsites
- PCI
- Platform
![Joiners, Movers, and Leavers (JML) Process (How to Secure It)](https://discover.strongdm.com/hubfs/joiners-movers-and-leavers.jpg)
People come, and people go, and while digital identities should cease to exist after a departure, many times, this doesn’t happen. At any given time, organizations can have thousands of user identities to manage and track, so when processes aren’t automated, it’s easy for many identities to fall through the cracks. This phenomenon is called Identity Lifecycle Management, and when it comes to access and security, it’s worth the time to get it right.
![Reduce Security Risk with StrongDM Device Trust](https://discover.strongdm.com/hubfs/device-trust.png)
We are thrilled to announce a new feature to our StrongDM® Dynamic Access Management (DAM) platform: Device Trust. This feature amplifies your organization's security posture by employing device posture data from endpoint security leaders CrowdStrike or SentinelOne.
![How to Meet NYDFS Section 500.7 Amendment Requirements](https://discover.strongdm.com/hubfs/nydfs-part-%20500-7.png)
The New York Department of Financial Services (“NYDFS”) Cybersecurity Regulation is a set of comprehensive cybersecurity requirements that apply to financial institutions operating in New York. The goal of the regulation is to ensure that the cybersecurity programs of financial institutions have robust safeguards in place to protect customer data and the financial sector.
![AWS Well-Architected Framework Security Best Practices](https://discover.strongdm.com/hubfs/aws-well-architected-framework-best-practices.png)
The AWS Well-Architected Framework has been a staple for many years for AWS practitioners of all sorts, including cloud architects and platform engineers. It’s a blueprint for architectural and design best practices that will lay the foundation for resilience, operational efficiency, and security on the AWS Cloud.
![Fine-Grained vs. Coarse-Grained Access Control Explained](https://discover.strongdm.com/hubfs/fine-grained-vs-coarse-grained-access-control.png)
If credentials fall into the wrong hands, intruders may enter a network and launch a disastrous attack. In fact, 46% of cybersecurity incidents involve authentication credentials, according to the Verizon 2022 Data Breach Investigations Report. Organizations have two general ways to determine someone’s access rights once past initial authentication: Coarse-grained access control (CGAC), which relies on a single factor, and fine-grained access control (FGAC), which relies on multiple factors.
![MITRE ATT&CK Framework Containers Matrix for Kubernetes](https://discover.strongdm.com/hubfs/mitre-attack-matrix-for-kubernetes.png)
If you’re Kuberntes admin and you’re not familiar with the tactics outlined in the MITRE ATT&CK framework, this blog post is for you. MITRE ATT&CK framework is an extensive knowledge base of tactics and techniques employed by bad actors that defensive security experts use to help defend their organizations against attack, and many times, used by their offensive security counterparts to test their weaknesses.
![CIS Kubernetes Benchmark Implementation Recommendations](https://discover.strongdm.com/hubfs/cis-kubernetes-benchmark.png)
The CIS Kubernetes Benchmark is a set of prescriptive recommendations assembled to guide administrators to achieve good security hygiene and results in strength security outcomes for their Kubernetes environments.
![The Access Management Bill of Rights](https://discover.strongdm.com/hubfs/Copy%20of%20Access%20Workflows%20Blog%20Image.png)
I'm continuously shocked by how poorly the PAM industry has treated customers to date. Shame on CyberArk, Delinea, and all the rest of you for persisting with such predatory models. The business model is "squeeze the blood out of them, then squeeze harder." The deployment model is "you'll never ...
![5 Reasons to Level Up From Identity to Dynamic Access Management](https://discover.strongdm.com/hubfs/fork-in-the-road-map.jpg)
Historically, finding an infrastructure access management solution that is secure while still being easy to use has been extremely difficult. Too often, ease of use and complexity end up at odds. StrongDM addresses this challenge–and does so by integrating with your existing identity-based security initiatives. This blog details how StrongDM enables organizations to level up their access management approach to meet the requirements of Dynamic Access Management (DAM), bolster security, and
![StrongDM vs. CyberArk: Side-by-Side Comparison](https://discover.strongdm.com/hubfs/strongdm-vs-cyberark.jpg)
Both StrongDM and CyberArk are privileged access management solutions to provide secure access to backend infrastructure. While there are many similarities between the two solutions, there are also some key differences.
![Unlocking Zero Trust: The Kipling Method for Policy Writing](https://discover.strongdm.com/hubfs/kipling-method-zero-trust.jpg)
To embark on a successful Zero Trust journey, it's crucial to articulate and implement policies that align seamlessly with your business model. The Kipling Method serves as a guiding light in this endeavor. Let's delve into the six fundamental questions it poses.
![Simplifying AWS Access with StrongDM Without Compromising Security Posture](https://discover.strongdm.com/hubfs/simplifying-aws-access.jpg)
Since Amazon Web Services first announced it in 2011, AWS IAM has evolved to become the gateway to the AWS Cloud. Organizations cannot interact with their cloud resources and its many services without it. Identity, not networking, is the real access boundary.
![Feature Deep Dive: Access Workflows](https://discover.strongdm.com/hubfs/Access%20Workflows%20Image.png)
Standing Credentials. They’re a problem that seems to persist despite the latest security and access innovations. They’re also one of the main reasons that achieving zero trust is so hard–and enough of a problem that two strategic security initiatives have come to the forefront: Just-in-Time (JIT) access and Zero Standing Privileges (ZSP).