Defense in Depth

Securing Identities in the Cloud

Jun 27, 2024

CEO of Push Security, Adam Bateman, discusses securing identities in the cloud. Topics include common security mistakes, importance of understanding identities and single sign-on, challenges in identity implementations, monitoring unused permissions, and building tools for flagging risky behavior.

32:33

Creator website

Episode guests

Adam Bateman

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Securing identities in the cloud involves relinquishing control to vendors, necessitating a thorough understanding of limited management capabilities.

Addressing identity security risks requires visibility into dormant and unutilized identities, standardized SSO processes, and proper synchronization of local admin accounts.

Deep dives

Securing Identity in the Cloud

Securing identity in the cloud differs from on-prem solutions, as cloud environments involve seeding control to vendors. Maintaining identity safety requires understanding the limited control available for creation and management.

Intro

2min

Importance of Securing Identities in the Cloud and Common Security Mistakes

2min

Importance of Understanding Identities and Single Sign-On in Cloud Environments

6min

Challenges and Opportunities in Identity Implementations for Enterprise Applications

5min

The Importance of Identifying and Monitoring Unused Permissions in Cloud Environments

12min

Importance of Building Tools for Flagging Risky Behavior and Monitoring OAuth Permissioning

4min

All links and images for this episode can be found on CISO Series.

Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap). Joining us is our sponsored guest, Adam Bateman, CEO, Push Security.

The SaaS attacks matrix community resource mentioned by Adam in the episode can be found here.

Editorial note: Geoff Belknap is an advisor to Push Security.

In this episode:

Where are we going wrong
Finding the missing pieces
Protecting an expanding border
It starts with understanding risk

Thanks to our podcast sponsor, Push Security

Prevent, detect and respond to identity attacks using Push Security’s browser agent. Enable Push’s out-of-the-box controls or integrate Push with your SIEM, XDR and SOAR. Block phishing attacks, detect session hijacking and stop SSO passwords being exposed. Find out what else the Push browser agent can do at pushsecurity.com.

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

Defense in Depth

Securing Identities in the Cloud

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Securing Identity in the Cloud

Common Identity Security Risks

Visibility into Identity Management

Unified SSO Standards

Remember Everything You Learn from Podcasts