< ciso
brief />
Tag Banner

All news with #identity security tag

168 articles · page 4 of 9

Identity Security: The New Pressure Point in Cyberattacks

🔐 Microsoft argues that identity is the primary pressure point for modern cyberattacks as organizations manage proliferating human, non-human, and agentic identities across disparate systems. The post highlights that fragmentation—duplicative solutions and too many vendors—creates visibility gaps that enable lateral movement. It outlines a unified model built on Microsoft Entra, a real-time identity control plane including Conditional Access, and integrated threat protection, and describes AI-driven triage with Security Copilot to accelerate response and reduce analyst fatigue.
read more →

Hackers Exploit Identity Systems at Industrial Scale

🔐 The SentinelOne Annual Threat Report for 2026 warns that attackers are executing identity-based compromises at industrial scale, abusing legitimate enterprise accounts and identity systems. These intrusions often bypass or subvert MFA — including through readily available MFA-bypass kits and coercive push attacks — leaving traditional defenses blind. The report also highlights fake-persona recruitment campaigns, including deepfake-enabled interviews, and warns of administrative account takeovers that can disable MFA organization-wide.
read more →

Zero Trust: Bridging Authentication and Device Trust

🔒 The perimeter model has broken down as workforces go hybrid, and many Zero Trust deployments miss a key link between identity and session authorization. Specops Device Trust argues that authentication must be contextualized with real-time device posture checks to prevent token theft and session hijacking. Binding identity to a verified device and continuous monitoring lets organizations enforce dynamic, low-friction policies that reduce risk.
read more →

Gartner Market Guide Marks Emergence of Guardian Agents

🔒 Gartner's inaugural Market Guide for Guardian Agents defines a new enterprise control layer that supervises AI agents to keep their actions aligned with organizational goals and boundaries. The article stresses risks from unmanaged non-human identities—so-called identity dark matter—and lists mandatory capabilities across visibility, continuous assurance, and runtime enforcement. It urges enterprises to adopt an enterprise-owned guardian layer rather than relying solely on platform-native controls.
read more →

Securing Agentic AI: End-to-End Enterprise Protections

🔒 Microsoft presents an end-to-end strategy to secure agentic AI with the new Agent 365 control plane and updates across Microsoft Defender, Entra, Purview, and Sentinel. Announced for RSAC 2026, these measures focus on visibility, continuous identity protection, data loss prevention for Copilot prompts, and prompt-injection defenses to help organizations observe, govern, and defend agent ecosystems at scale.
read more →

Behavioral Analytics for Defending Against AI Attacks

🛡️ AI-enabled cyber attacks increasingly mimic legitimate users, rendering signature- and rule-based defenses insufficient. Modern identity security must adopt continuous, context-aware risk modeling that evaluates identity, device and session context in real time to detect subtle deviations. Organizations should extend monitoring across cloud, endpoints and privileged accounts, enforce Just-in-Time (JIT) access and consolidate behavioral analytics with session monitoring and granular controls to limit credential abuse and insider misuse.
read more →

Identity Attacks Rise: Adversaries Seek Invitations

🧛 Cisco Talos highlights a growing trend in 2025: attackers increasingly seek to be authorised as legitimate users rather than relying solely on loud exploits. Telemetry shows nearly a third of MFA spray attacks targeted IAM applications and fraudulent device registrations surged 178%, indicating adversaries focus on the mechanisms that grant access. Talos urges organisations to harden authentication, prioritise patching, manage EOS/EOL devices, and adopt phishing-resistant controls as part of a broader defensive posture.
read more →

Preventing Privilege Escalation via Password Resets

🔒 Many organizations invest heavily in login protections but leave password reset paths less scrutinized, creating an easy escalation route once attackers gain a foothold. The article explains common abuse scenarios — from helpdesk social engineering and intercepted reset tokens to misuse by over-permissioned admins — and recommends seven practical mitigations, including MFA, device posture checks, strict password policies, and avoiding knowledge-based authentication. It also highlights Specops tools to harden reset workflows and block breached passwords.
read more →

Mesh CSMA Reveals and Breaks Attack Paths to Crown Jewels

🔍 Mesh CSMA operationalizes Gartner's Cybersecurity Mesh Architecture to unify disparate security tools into a single, contextual risk model that reveals multi‑hop attack paths to crown jewels. The agentless platform automatically discovers critical assets, builds an identity‑centric Mesh Context Graph™, correlates misconfigurations, entitlements, and vulnerabilities, and ranks complete attack chains by live threat intelligence. It prescribes and orchestrates precise cross‑domain remediations mapped to existing tooling and continuously validates detection coverage so teams can close exploitable paths before they are used.
read more →

Proving the Person on the Other Side Is Real, 2026 Test

🔐 By 2026, the central competition in identity-related work will be the ability to prove that the person behind a high-impact action is a real, accountable human. Generative AI and deepfakes create synthetic identities that can pass routine checks, contaminate risk models and hijack estate workflows. Defenses must focus on provenance, cross-channel consistency and continuous, risk-based verification tied to audit-grade trails.
read more →

Top 5 Actions CISOs Must Take to Secure AI Agents Now

🔐 Treat AI agents as first-class identities and enforce identity-based access across systems and APIs. The author argues CISOs must move beyond prompt guardrails to explicit authentication, scoped permissions, continuous logging, and monitoring of tokens, service accounts, OAuth grants, and keys. Organizations should discover shadow AI, map agent access, and enforce intent-aware controls. Full lifecycle governance — ownership, rotation, reviews, and decommissioning — is required to prevent privilege creep and data loss while enabling safe autonomy.
read more →

Evolution of Iranian Cyber Threats and Identity Risks

🔒 Iranian-aligned threat actors are shifting from bespoke destructive wipers to weaponizing privileged identities and native management features. Rather than deploying novel binaries, attackers compromise high-privilege accounts and use legitimate MDM/RMM or cloud consoles to push remote-wipe and factory-reset commands at scale. This living-off-the-land approach bypasses traditional endpoint telemetry and enables rapid, high-impact disruption across managed tenants. Defenders must prioritize identity resilience, Zero Trust, and immutable backups to maintain survivability.
read more →

What It Takes to Win the CSO or CISO Role Today: Guide

🔒 CSO and CISO roles have shifted from technical gatekeepers to board-level leaders accountable for resilience, compliance, and business enablement. Recruiters and incumbent executives emphasize a T-shaped background — deep domain expertise plus broad business fluency — including identity and access management, cloud operations, AI risk, and security automation. Candidates must translate security investments into enterprise value and demonstrate continuous assurance; negotiation, delegation, and measurable outcomes now define success.
read more →

Cloud Run: IAP integration and DRS-compatible public access

🔒 Cloud Run now supports direct Identity-Aware Proxy (IAP) integration and a new option to allow public access compatible with Domain Restricted Sharing. Enable IAP with a single click or via the --iap flag without provisioning load balancers, bringing context-aware, enterprise-grade authentication to serverless apps at no added load balancer cost. The 'Allow Public access' toggle disables the IAM invoker check to support public websites or private microservices that rely on network-level or organizational controls, and IAP’s CORS handling permits unauthenticated OPTIONS for preflight while authenticating other requests.
read more →

AWS at RSAC 2026: Unifying Security and Data for AI

🔒 Visit AWS at booth S-0466 in South Expo to experience interactive demos, partner integrations, and an AI-powered Humanoid Security Guardian that generates customized well-architected guides via QR code. AWS security specialists will present sessions on privacy-by-design, trusted identity for autonomous agents, container supply-chain protection, and preparing for AI-native incidents. Join hands-on workshops and CTF challenges in Cloud Village, March 23–26, and use a Partner Passport to collect booth stamps, earn swag, and enter daily raffles.
read more →

AWS Builder ID Adds Sign-in Options for GitHub, Amazon

🔐 AWS Builder ID now supports Sign in with GitHub and Amazon, expanding social login options beyond Google and Apple. The change enables developers to access AWS Builder Center, AWS Training and Certification, and Kiro using existing GitHub or Amazon credentials. This reduces password management overhead, lowers forgotten-password incidents, and streamlines both new user registration and returning sign-ins for builders and students.
read more →

Just 24% Test Identity Disaster Recovery Every Six Months

🔐 A global survey by Quest Software of 650 IT and security practitioners found that only 24% of organisations test identity disaster recovery every six months, while 24% never test recovery plans. The report warns many firms focus on preventative controls and detection rather than response and recovery, increasing risk when identity protections fail. Respondents identified gaps in non-human and third-party identities, legacy on-premises systems and privileged accounts. Adoption of ITDR programmes is rising (57%), and 79% believe AI can improve recovery by reducing alert fatigue and correlating signals.
read more →

CISO Priorities for 2026: AI, Identity, and Resilience

🔐 2026 will bring faster, cheaper, and more credible cyberattacks as AI and automation lower the skill barrier for attackers. Industry leaders from Banco Santander, Vodafone, NordVPN, Sophos, and Cisco emphasize a shift from perimeter defenses to identity-centric, automated, resilience-focused models. Priority actions include continuous identity verification, integrated AI-driven security, XDR consolidation, supply-chain risk management, and stronger detection, response, and data-protection controls implemented with minimal customer friction.
read more →

AWS simplifies IAM role creation in service workflows

🔐 AWS Identity and Access Management (IAM) now lets you create and configure IAM roles directly within many service console workflows, so you no longer need to switch to the IAM console. A new in-context permissions panel appears during relevant tasks and supports default policies or a simplified statement builder for custom permissions, while retaining full IAM role-management capabilities. Initially available in the US East (N. Virginia) Region, the feature will roll out to additional services and regions. This streamlines role setup for services such as EC2, Lambda, EKS and more.
read more →

AWS adds denying policy ARNs to access denied errors

🔐 AWS now includes the ARN of the policy that caused an AccessDenied error for same-account and same-organization requests. This enhancement adds only the policy ARN (not policy content) for SCPs, RCPs, permissions boundaries, session policies, and identity-based policies, and does not change authorization logic. The rollout begins early 2026 across all Regions, improving troubleshooting and cross-team communication.
read more →