All news with #iam tag

Adopting Remote Privileged Access: The Shift to RPAM

🔒 Remote Privileged Access Management (RPAM) provides a cloud-native approach to securing privileged accounts beyond traditional perimeters, enabling administrators, contractors and third-party vendors to connect securely from any device or location. RPAM enforces least-privilege, Just-in-Time access and multi-factor authentication while recording detailed session logs without relying on VPNs. By supporting zero-trust principles and scalable deployments, RPAM reduces attack surface and streamlines compliance.

Making the Most of Multicloud: Strategy and Security

☁ IT leaders must align business goals, governance, and security to realize multicloud benefits while managing complexity. This report outlines five core challenges — including visibility, compliance, and developer productivity — and provides guidance on securing multicloud deployments. It also examines ROI strategies and a practical checklist to maximize value and efficiency.

Microsoft to Block Unauthorized Scripts in Entra ID

🔒 Microsoft will update its Content Security Policy to block unauthorized script injection during browser-based Entra ID sign-ins at login.microsoftonline.com. The policy will permit script downloads only from Microsoft-trusted CDN domains and allow inline execution solely from trusted Microsoft sources. Rolled out globally in mid-to-late October 2026 under the Secure Future Initiative, the change excludes Microsoft Entra External ID. Organizations should test sign-in flows and avoid browser extensions or tools that inject code to prevent authentication friction.

ServiceNow in Talks to Acquire Identity Firm Veza

🔐 ServiceNow is reportedly in advanced talks to acquire identity-security startup Veza for more than $1 billion, a deal that could be announced next week. The move would pair ServiceNow's recent AI automation capabilities from Moveworks with Veza's Authorization Graph to map and govern permissions for human and machine identities. For customers, the acquisition aims to close trust and governance gaps around AI agents and non-human accounts, though integration, licensing, and standalone availability questions remain.

AWS API MCP Server Now Available on AWS Marketplace

🔐 The AWS API MCP Server is now available on AWS Marketplace, enabling customers to deploy the Model Context Protocol (MCP) server to Amazon Bedrock AgentCore as a managed offering. The marketplace deployment provides built-in authentication (SigV4 or JWT), session isolation, and simplified container management while enabling configurable IAM roles and network settings to meet enterprise security requirements. Customers also benefit from AgentCore's logging and monitoring capabilities and regional availability where Bedrock AgentCore is supported.

Agentic AI Security Use Cases for Modern CISOs and SOCs

🤖 Agentic AI is emerging as a practical accelerator for security teams, automating detection, triage, remediation and routine operations to improve speed and scale. Security leaders at Zoom, Dell, Palo Alto and others highlight its ability to reduce alert fatigue, augment SOCs and act as a force multiplier amid persistent skills shortages. Implementations emphasize augmentation over replacement, enabling continuous monitoring and faster, more consistent responses.

AWS Secrets Manager Introduces Managed External Secrets

🔐 AWS Secrets Manager now supports managed external secrets, a new secret type that standardizes storage and enables automated rotation for third-party application credentials such as Salesforce, Snowflake, and BigID. The feature separates rotation metadata from secret values and integrates directly with providers to remove the need for custom rotation functions. It leverages existing IAM, CloudWatch, CloudTrail, GuardDuty, and KMS controls and follows standard Secrets Manager pricing with no additional charge.

2026 Predictions: Autonomous AI and the Year of the Defender

🛡️In 2026 Palo Alto Networks forecasts a shift to the Year of the Defender as enterprises counter AI-driven threats with AI-enabled defenses. The report outlines six predictions — identity deepfakes, autonomous agents as insider threats, data poisoning, executive legal exposure, accelerated quantum urgency, and the browser as an AI workspace. It urges autonomy with control, unified DSPM/AI‑SPM platforms, and crypto agility to secure the AI economy.

Telecom Security Reboot: Making Zero Trust Operational

🔒 Telecom operators must abandon perimeter assumptions and adopt a zero trust mindset that treats verification as continuous rather than a one-time event. This shift is organizational as much as technical, requiring unified IT/OT policies, least-privilege access and microsegmentation to limit lateral movement. The article recommends pragmatic steps — wrapping legacy systems with secure gateways and centralized authentication — and aligning controls with frameworks such as NIST and NIS2, while tracking concrete KPIs in the first 180 days.

Year-End Cybersecurity Spend: Focus on Measurable Risk

🔒 As year-end budgets close, organizations should prioritize security purchases that reduce real business risk and produce measurable outcomes. Skip vendor wish lists; focus on strengthening identity controls — expanding MFA, tightening privileged access, and auditing Active Directory — and on short, outcome-based engagements such as attack-surface reviews, tabletop exercises, and purple-team testing. Consolidate redundant tools, pre-buy continuity capacity, and document KPIs to justify future funding.

8 Effective Multicloud Security Tips and Best Practices

🔐 Multicloud adoption improves flexibility but introduces security and visibility risks unless managed centrally. Establish a central authority to define strategy, enforce policies and select cross-cloud tools, while implementing unified governance backed by identity management and automation. Treat every environment as a single trust boundary, enforce least privilege, and correlate telemetry for a unified detection-and-response posture. Limit access with short-lived sessions, recording and DLP to reduce attack surface and support auditability.

Practical Steps to Minimize Key Exposure in AWS Environments

🔐 This AWS Security blog by Jennifer Paz outlines a layered, practical approach to reduce exposure from long‑term AWS credentials. It recommends discovery and risk assessment with CodeGuru Security, IAM Access Analyzer, credential reports, and Trusted Advisor, followed by enforcement using SCPs and RCPs to create a network data perimeter. The post also covers runtime protections (security groups, NACLs, Network Firewall, AWS WAF), automated rotation using Secrets Manager or rotation patterns, and threat detection via GuardDuty, all intended to bridge the gap until migration to temporary credentials is feasible.

AWS Transfer Family Terraform Module Adds Custom IdP

🚀 The AWS Transfer Family Terraform module now supports provisioning Transfer Family servers with a custom identity provider (IdP), enabling integration with existing authentication systems and centralized access control. This update automates deployment of SFTP, FTPS, FTP, AS2 and browser-based endpoints using Terraform, removing repeated manual configuration. The module is built on the open source Custom IdP solution and includes an Amazon Cognito example to help teams get started quickly.

Grafana fixes critical SCIM flaw enabling user impersonation

🔒 Grafana has released security updates to address a maximum-severity flaw (CVE-2025-41115) in its SCIM provisioning component that can enable user impersonation or privilege escalation under specific configurations. The issue allows a malicious or compromised SCIM client to provision a user with a numeric externalId that may be mapped to an internal user ID. It affects Grafana Enterprise 12.0.0–12.2.1 and was fixed in 12.0.6+security-01, 12.1.3+security-01, 12.2.1+security-01 and 12.3.0. Grafana discovered the bug during an audit on November 4, 2025 and urges immediate patching.

Agentic AI Security Scoping Matrix for Autonomous Systems

🤖 AWS introduces the Agentic AI Security Scoping Matrix to help organizations secure autonomous, tool-enabled AI agents. The framework defines four architectural scopes—from no agency to full agency—and maps escalating security controls across six dimensions, including identity, data/memory, auditability, agent controls, policy perimeters, and orchestration. It advocates progressive deployment, layered defenses, continuous monitoring, and retained human oversight to mitigate risks as autonomy increases.

Turning Threat Intelligence into Real Security Wins

🛡️ Modern SOCs drown in threat feeds; the problem is not data but converting it into repeatable decisions. The article lays out an operating model that makes CTI a business capability by centring work on Priority Intelligence Requirements (PIRs), engineering a single pipeline for collection, normalization and automated enrichment, and prioritizing behaviour‑first detections mapped to MITRE ATT&CK. It prescribes SOAR orchestration with human checkpoints, de‑duplication and scoring by relevance and visibility, and integration of intel into incident response and threat hunting. The result: measurable loss avoidance, reclaimed analyst capacity and executive reporting that drives concrete decisions.

An Open Letter to Cybersecurity Vendors and Investors

🔊 The cybersecurity market is awash in noise: vendors and investors chase flashy pitches while the long-standing vulnerabilities that cause real breaches remain neglected. The author argues CISOs don’t buy technology so much as they buy reduced risk and confidence, so purchases must fit roadmaps, integrate cleanly, and be sustainable. He prioritizes visibility, identity, automation that empowers people, and tools that reinforce fundamentals like patching and segmentation. Hype, overlapping products, and complexity are rejected in favor of practical reliability.

AWS introduces aws login for secure developer access

🔐 The new aws login CLI command lets developers obtain temporary programmatic credentials using the same sign-in method as the AWS Management Console, eliminating the need to create and manage long-term access keys. The command opens a browser-based OAuth2 flow and supports root/IAM user sign-in as well as federated identity providers. Issued credentials auto-rotate every 15 minutes and remain valid up to the IAM session duration (maximum 12 hours). Aws login integrates with profiles, remote development workflows, AWS SDKs, AWS Tools for PowerShell, and legacy SDKs via credential_process.

Generative AI Drives Rise in Deepfakes and Digital Forgeries

🔍 A new report from Entrust analyzing over one billion identity verifications between September 2024 and September 2025 warns that fraudsters increasingly use generative AI to produce hyper-realistic digital forgeries. Physical counterfeits still account for 47% of attempts, but digital forgeries now represent 35%, while deepfakes comprise 20% of biometric frauds. The report also highlights a 40% annual rise in injection attacks that feed fake images directly into verification systems.

Rethinking Identity in the AI Era: Building Trust Fast

🔐 CISOs are grappling with an accelerating identity crisis as stolen credentials and compromised identities account for a large share of breaches. Experts warn that traditional, human-centric IAM models were not designed for agentic AI and the thousands of autonomous agents that can act and impersonate at machine speed. The SINET Identity Working Group advocates an AI Trust Fabric built on cryptographic, proofed identities, dynamic fine-grained authorization, just-in-time access, explicit delegation, and API-driven controls to reduce risks such as prompt injection, model theft, and data poisoning.