Identity Governance & Administration didn’t arrive fully formed, it evolved. In this episode we walk through the journey of IGA.
From homegrown scripts and spreadsheets to heavyweight platforms like Sun, Oracle, and CA. The rise of governance-first thinking with SailPoint and Saviynt . How compliance, cloud, and complexity reshaped the market
Email: theIdentityNavigator@gmail.com
LInkedIn: /rohit-agnihotri
Remember when smoking looked cool? For years in tech, holding root access was the same, a badge of honor, proof you were trusted, heroic, untouchable.
In tech, we have our own “smoking”, permanent root/admin access. For years, being the engineer with root was a badge of honor. It felt powerful, even heroic. You were the one who could swoop in and “save the day.” But beneath the surface, this creates real risk. Root access becomes not just a tool but a piece of personal identity. We start to believe that if we lose it, we lose our status.
In this episode we deep dive into the psychology of root access, the shared toothbrush model of access and access detox campaigns.
Have you ever wondered why we haven’t discovered alien life? And how does this connect to IAM maturity, systems thinking, and organizational psychology?
In this episode, I dive deep into the Fermi Paradox, explore the complexities of IAM maturity, and draw surprising parallels between the search for extraterrestrial intelligence and the journey organizations face in their IAM evolution.
Tune in as we map out the path from noise to clarity in IAM, and maybe even discover the “filter” we all need to overcome.
Email: theIdentityNavigator@gmail.com
This episode was inspired by Ozark: A crime drama where a financial advisor is pulled into the world of money laundering
Ever wondered why simply holding a token grants you access—no passwords, no challenges, just pure possession? In this episode we trace the surprising journey of bearer tokens from their financial origins to the backbone of modern digital identity.
Whether you’re architecting an OAuth flow, defending APIs, an Identity enthusiast, a historian, or simply curious about the mechanics behind that “Authorization: Bearer …” header, this episode will reshape your understanding of access control.
Email: theIdentityNavigator@gmail.com
In the context of IAM, resource mining refers to theprocess of discovering, cataloging, and analyzing resources within an organization's environment to understand their structure, permissions, ownership, and access controls. The goal is often to gain visibility into the resources (e.g., applications, servers, databases, files, or cloud infrastructure), their associated identities and usage patterns , enabling effective governance, security, and compliance.
Let's understand this tricks of the trade and how it is applicable to a cloud solution, zero trust strategy, an AD environment and an AD-Application-IGA ecosystem.
Email: theIdentityNavigator@gmail.com
LinkedIn: https://www.linkedin.com/in/rohit-agnihotri
A self-healing IAM system enhances enterprise security by automating identity governance, mitigating operational risks, and ensuring adaptive security resilience.
By leveraging this framework organizations cancreate dynamic, self-correcting identity frameworks that reduce administrative overhead and improve security posture.
Self-healing mechanisms ensure robust access management by automatically detecting and mitigating disruptions, policy misconfigurations, or security anomalies.
Email: theIdentityNavigator@gmail.com
Fractured identity occurs when a single user is unintentionally associated with multiple distinct accounts across different systems or within the same system.
This fragmentation can arise in several scenarios, such as customer service interactions, where new user identities are created without linking them to existing ones, or when identity data across different systems is inconsistentor cannot be reconciled.
Lets deep dive into this topic and learn how to create awareness, get started, spot and solve this.
Contact Us:
Email: theIdentityNavigator@gmail.com
LinkedIn: https://www.linkedin.com/in/rohit-agnihotri
In this episode we understand what "Unquestioned Assumptions" are, why they are limiting and how to recognize them.
At its core, these are beliefs, habits, or expectations we adopt without verifying their accuracy or relevance. They shape our decisions, guide our strategies, and even influence how we view success.
Contact Us:
Email: theIdentityNavigator@gmail.com
In this episode, we take a deep dive into the role of graph databases in Identity and Access Management (IAM) and explore why they are becoming indispensable in modern IAM systems.
For over 25 years, LDAP and relational databases have been he backbone of IAM. However, as the demands of IAM systems evolve, particularly in cloud-native and enterprise environments, it's clear that traditional databases are struggling to keep pace.
It's time to introduce graph databases, a technology inherently suited for many IAM use cases. While relational databases offer consistency and robust transactional support, they falter in handling the growing complexity of dynamic access control and scalable architectures. Graph databases, on the other hand, excel at managing complex relationships and connections—key elements in modern IAM systems.
In this episode, we discuss the limitations of RDBMS systems and explore how graph databases can transform IAM by offering smarter, more adaptable solutions for today's identity challenges.
Email: theIdentityNavigator@gmail.com
In this episode, we dive into the world of Public Key Infrastructure (PKI) and explore why it's not more widely adopted in the Identity and Access Management (IAM) space, despite being considered the gold standard of credential assurance by many experts.
We'll unravel the complexities of PKI, discuss its advantages and challenges, and examine the reasons behind its limited mainstream presence.
Whether you're a security professional or just curious about IAM technologies, this episode will provide valuable insights into the potential of PKI and what it could mean for the future of digital security.
Join us as we decode the mysteries of PKI and its role in modern identity management.
Email: theIdentityNavigator@gmail.com
LinkedIn: https://www.linkedin.com/in/rohit-agnihotri/
The Identity Navigator
BeyondTrust mention reminds most of us of privileged access management. Interestingly on their website, the first thing they mentioned was "PAM Products and ITDR"
BeyondTrust has multiple products in their product suite and the one of the newest addition is Identity Security Insight, launched in 2023 and focused on ITDR
Let's check them out together
Website: https://www.beyondtrust.com/
Free Identity Security Assessment: https://www.beyondtrust.com/products/identity-security-insights/assessment
Email: theIdentityNavigator@gmail.com
In this episode of the Identity Navigator podcast, we explore the multifaceted world of Identity Threat Detection and Response (ITDR).
The episode delves into how various players in the market each bring their unique interpretations of ITDR, contributing to a diverse and innovative landscape. This diversity is pushing the boundaries of identity security, prompting a deep dive into the intricacies of ITDR and its viability.
We discuss whether ITDR is effectively addressing the growing challenges of identity-based threats or if it is merely capitalizing on the fears of security executives to drive revenue.
Join us as we navigate through these critical topics and uncover the true impact of ITDR in the current cybersecurity environment.
Email: theIdentityNavigator@gmail.com