< ciso brief />

All news with #identity security tag

115 articles · page 3 of 6

CrowdStrike Customers' Choice in 2026 User Authentication

🔒 CrowdStrike has been named a Customers’ Choice in the 2026 Gartner Peer Insights Voice of the Customer for User Authentication report. For the second consecutive year it led with the highest volume of verified reviews, receiving 129 five‑star ratings out of 179 responses and a 96% Willingness to Recommend score. CrowdStrike highlights Falcon Next‑Gen Identity Security as an AI‑powered, continuous identity protection solution and notes intent to acquire SGNL to add continuous dynamic authorization and remove standing privileges.

Securing Every Identity in the AI-Driven Enterprise

🔐 CyberArk is joining Palo Alto Networks to elevate identity security as a core platform pillar for cloud, automation and AI-driven environments. The post argues identity is now the primary attack vector: machine identities outnumber humans by more than 80:1 and 87% of organizations experienced multiple identity-centric breaches in the past year. It calls for continuous visibility, dynamic privilege controls and unified governance to secure human, machine and AI agents and reduce opportunities for lateral movement.

Amazon WorkSpaces Secure Browser Adds Custom Domains

🔒 Administrators can now configure Amazon WorkSpaces Secure Browser portals to use custom domains, replacing the default portal URL to align browser sessions with organizational branding. After adding the custom domain and routing traffic via a reverse proxy (for example, Amazon CloudFront), Secure Browser redirects users to the configured domain after authentication. Authentication supports AWS Identity Center or a customer IdP with both IdP-initiated and SP-initiated flows, and the feature is available at no extra charge in 10 AWS Regions.

Loyalty Is Not Security: What CISOs Must Reconsider

🔒 The article argues that organizations commonly mistake tenure, performance, or verbal commitment for durable loyalty, creating a blind spot for insider risk. Loyalty is dynamic—shaped by fairness, hardship, and alignment—and can erode into resentment, data theft, or sabotage. The author advocates continuous, tiered verification, privacy-respecting monitoring, and AI-aware controls, citing Trusted Workforce 2.0 as a blueprint and cost comparisons that favor proactive programs.

Orchid Security Adds Continuous Identity Observability

🔎 Orchid Security has introduced a continuous identity observability platform that discovers, analyzes, and governs identity usage inside enterprise applications. The solution instruments applications to reveal embedded credentials, non‑human identities, custom authentication flows, and access paths that bypass IAM controls. It then prioritizes risks, routes findings to control owners, and integrates with IAM, PAM, and GRC workflows to drive remediation and provide continuous audit-ready evidence.

AI Agent Identity Management: New Control Plane for CISOs

🔐 AI agents—custom GPTs, copilots, coding agents and other autonomous tooling—are proliferating in production while remaining largely outside traditional IAM, PAM, and IGA controls. The piece argues for treating agents as a distinct identity class and applying continuous identity lifecycle management to ensure visibility, ownership, dynamic least privilege, and auditability. Rather than slowing adoption, this approach positions identity as the control plane for balancing innovation and security.

Non-Human Identities: The Overlooked Security Risk in 2026

🔐 Non-human identities — service accounts, API keys, automation credentials and AI agents — are proliferating across cloud environments and often sit outside governance, creating high-risk blind spots. The author recounts finding a dormant Azure service account with owner-level access and dozens of similar accounts, and cites industry data showing machine-to-human ratios of up to 500:1. He recommends continuous discovery, strict least-privilege defaults, elimination of static credentials and automated rotation to reduce this primary breach vector.

Scaling AWS Managed Microsoft AD: Monitoring and Options

🔍 This post explains how to scale AWS Managed Microsoft AD by choosing between scale-up (edition upgrade to Enterprise) and scale-out (adding domain controller instances), and shows how to use Amazon CloudWatch dashboards to monitor directory health. It highlights key metrics—CPU, memory, disk, I/O, network, and DNS—recommended thresholds, and alerting guidance to inform scale decisions. The guidance recommends preferring reversible scale-out for capacity issues and reserving scale-up for Enterprise-only features such as multi-Region replication and large object counts.

Top CISO Priorities for 2026: AI, Identity, Resilience

🔐 Taylor Lehmann outlines five CISO priorities for 2026, urging leaders to align compliance work with broader operational resilience rather than treating regulation as the only objective. He emphasizes securing the AI supply chain with end-to-end provenance and tools such as SLSA and SBOM, and strengthening identity management for humans and agents. Lehmann also calls for defenses that operate at machine speed and for improved AI governance through context, advanced testing, and red teaming.

Public Sector Cyber Outlook 2026: Identity and AI Trust

🔒 AI integration has shifted public-sector cybersecurity in 2026, forcing agencies to adopt AI-native detection and autonomous response, continuous identity verification, and secure-by-design AI deployments. Nation-state actors now automate intrusion, deception, and tailored malware, expanding risk to IT, OT and research environments. Agencies must consolidate platforms, accelerate post-quantum planning, and govern AI at mission scale.

Four priorities for AI-powered identity and network access

🔐 Microsoft recommends four priorities for identity and network access in 2026: deploy fast, adaptive AI protection; manage and govern AI agents as first-class identities; unify identity and network controls into an Access Fabric; and strengthen identity foundations with phishing-resistant credentials and high-assurance recovery. The post cites Microsoft Entra capabilities and studies showing faster, more accurate admin workflows, and emphasizes applying Zero Trust to agents, networks, and devices.

Hidden Risks of Orphan Accounts in Enterprise Identity

🔒 Orphan accounts — abandoned human, service, and AI‑agent identities — create persistent, unseen access across applications, platforms, assets, and cloud consoles. These dormant accounts often evade traditional IAM and IGA tools due to integration gaps, unclear ownership, and proliferation of non‑human identities. Continuous identity audit using application telemetry and a unified audit trail can detect, flag, and automatically remediate or decommission orphaned accounts. Orchid positions its Identity Audit as connective evidence to inform IAM decisions.

Why Security's Future Depends on Identity, Not Perimeter

🔒 Modern security must treat identity as the perimeter rather than the network. As remote work and cloud adoption dissolved traditional edges, attackers increasingly target credentials — a trend underscored by reports from Verizon, Microsoft and Okta — making identity the primary attack surface. Organizations must adopt Zero Trust identity controls such as MFA, SSO, RBAC, PAM, device trust and continuous, adaptive monitoring, and treat identity lifecycle and privilege management as core infrastructure.

Seven Priority Cybersecurity Projects for CISOs in 2026

🔒 As CISOs prepare for 2026, seven pragmatic projects can strengthen defenses against evolving threats. Priorities include transforming identity and access to cover human and non-human agents and reinforcing email security. Organizations should leverage AI for vulnerability discovery and security automation, enforce enterprise AI governance, adopt a zero-trust-by-default posture, and unify data governance to reduce shadow data and compliance gaps.

Southeast Asia CISOs' Top 2026 Predictions: AI, Identity

🔒 In conversations with Southeast Asia CISOs, leaders forecast 2026 as a year when AI and cloud become prime attack surfaces, forcing a shift from perimeter defenses to identity- and resilience-centered strategies. They emphasize hardening cloud and AI infrastructure, treating identity as the active perimeter, instrumenting browsers and agents for forensic clarity, and operationalizing resilience both as capability and — in some financial institutions — as a product. Supply‑chain fragility, agentic AI autonomy, session hijacking, and IT‑OT convergence are highlighted as priority risks demanding continuous verification, scoped agent controls, and stronger vendor governance.

Time to Require Identity Verification for Internet Users

🔐 Australia's 2026 law banning under-16s from social media has reignited debate over whether internet services should require identity verification. Tony Anscombe argues that distinguishing verified and unverified users could reduce abuse, targeted fraud and underage exposure while letting people filter unwanted content. He warns verification methods (biometrics, government ID) carry privacy and data-retention risks and that bans may drive minors to circumvent restrictions, so a balanced regulatory approach is needed.

CrowdStrike to Buy SGNL for $740M to Add Real-Time Identity

🔐 CrowdStrike will acquire identity security startup SGNL for $740 million to add real-time, risk-aware authorization that grants or revokes access based on current signals rather than static permissions. The deal, expected to close in CrowdStrike’s fiscal Q1 ending April 30, will be paid mostly in cash with some stock subject to vesting. SGNL’s technology layers with existing identity systems from Okta, Microsoft, and AWS, evaluating contextual signals — user behavior, device posture, and threat intelligence — to enforce continuous authorization and address rising machine-identity and AI-agent risks.

Jamie Norton on securing government and finance systems

🔐 Jamie Norton, CISO at ASIC and vice chair of ISACA, describes persistent cyber challenges across government and financial sectors. He points to legacy systems, weak foundational hygiene, and the need to align people, process and technology while warning that rapid advances in AI will change roles and tooling. Norton emphasizes executive accountability, mentorship, training and a mission-driven culture to retain talent, and champions the mantra "Do the basics brilliantly."

Microsoft Enforces MFA for Microsoft 365 Admin Center Access

🔐 Microsoft will require MFA for all users signing into the Microsoft 365 admin center and will block accounts that do not have MFA enabled starting February 9, 2026. The enforcement covers portal.office.com/adminportal/home, admin.cloud.microsoft, and admin.microsoft.com and follows an initial rollout that began in February 2025. Administrators are urged to enable MFA using Microsoft's setup wizard or official documentation to avoid service interruptions; Microsoft notes that MFA significantly reduces the risk of account compromise.

CrowdStrike to Acquire SGNL to Expand Identity Security

🔒 CrowdStrike announced an agreement to acquire SGNL to enhance identity-first security across its Falcon platform. The acquisition will integrate SGNL into Falcon Next-Gen Identity Security, providing continuous, context-aware authorization for human, non-human, and AI agent identities. SGNL’s runtime enforcement layer will ingest Falcon risk signals and centralize telemetry to enable just-in-time access, replacing standing privileges with dynamic, risk-aware permissions to reduce the identity attack surface.