Identity at the Center Identity at the Center

In this thought-provoking episode of Identity at the Center, hosts Jim McDonald and Jeff Steadman engage in a candid conversation with security researcher Kat Traxler from TrustOnCloud. They delve into the intricacies of cloud identity management, discussing the unique challenges and strategies for securing assets in cloud environments like GCP and AWS. Kat sheds light on the importance of understanding the resource hierarchy in GCP and the nuances that differentiate it from AWS. The trio also explores the evolution of IAM tools and their applicability in the cloud, the debate between least privilege and zero standing privilege, and the ongoing journey toward securing the cloud beyond IAM.

As they unpack the complexities of cloud security, Kat shares her insights on the significance of asset inventories and the impact of policy inheritance on cloud platforms. The conversation also touches on the future of cloud security conferences and the value of hands-on experiences in understanding cloud security. Amidst the technical deep dive, the episode takes a lighter turn as the hosts and guest contemplate what life might look like outside the realm of technology, revealing personal aspirations ranging from farming to bronze sculpting.

For those looking to expand their cloud security knowledge, Kat recommends checking out the GCP 101 series on her blog and the Forward Cloud SEC conference for a comprehensive learning experience.

Connect with Kat: https://www.linkedin.com/in/kat-traxler-85a6592/

GCP 101 Series (Blog): https://kattraxler.cloud/gcp/iam/101/2024/03/03/gcp-series-101.html

Google Cloud Adoption Framework: https://cloud.google.com/adoption-framework

Learn more about TrustOnCloud: https://trustoncloud.com/

fwd:cloudsec conference: https://fwdcloudsec.org/

Identiverse 2024: As an IDAC listener, you can register with 25% off by using code IDV24-IDAC25 at https://events.identiverse.com/identiverse2024/register?code=IDV24-IDAC25

Attending the European Identity and Cloud Conference in Berlin? Use Discount Code: EIC24idac25 for 25% off. Register at https://www.kuppingercole.com/events/eic2024

Attending Identity Week in Europe, America, or Asia? Use our discount code IDAC30 for 30% off your registration fee! Learn more at:


Europe: https://www.terrapinn.com/exhibition/identity-week/
America: https://www.terrapinn.com/exhibition/identity-week-america
Asia: https://www.terrapinn.com/exhibition/identity-week-asia/

Connect with us on LinkedIn:

Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/

Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at idacpodcast.com and follow @IDACPodcast on Twitter.

In this episode, Jim and Jeff welcome back Sandy Bird, the CTO and Co-Founder of Sonrai Security, for a sequel to their first sponsor spotlight. Sandy returns to discuss the groundbreaking Cloud Permissions Firewall with Permissions on Demand. The trio dives into how this new solution revolutionizes the way organizations can clamp down on excessive cloud permissions, streamline operations, and secure their cloud environments with unprecedented speed and efficiency.

The discussion illuminates the concept of "default deny," the exhilaration of zapping "zombie" identities, and the seamless integration with cloud native tools. Sandy also shares insights on how customers can measure success with Sonrai’s solution and the significant security benefits provided.

For a visual walkthrough of Sonrai’s Cloud Permissions Firewall, visit http://sonrai.co/idac to see the demo in action and learn how you can try it out with a 14-day free trial. And if you're at RSA, AWS re:Inforce, or Gartner IAM, look for the Sonrai Security booth and experience the epiphany moment for yourself.

Connect with Sandy on LinkedIn: https://www.linkedin.com/in/sandy-bird-835b5576

Learn more about Sonrai Security: https://sonrai.co/idac

Introducing the Cloud Permissions Firewall (YouTube): https://www.youtube.com/watch?v=ffQbM6KGDbY

Connect with us on LinkedIn:

Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/

Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at idacpodcast.com and follow @IDACPodcast on Twitter.

Episode Keywords

Identity And Access Management (Iam), Cloud Security, Aws, Azure, Gcp (Google Cloud Platform), Least Privilege, Identity Risk, Cloud Permissions Firewall, Infrastructure As Code, Security Operations (Secops), Cloud Operations (Cloudops), Permissions Management, Excessive Privileges, Zombie Identities, Identity Governance, Access Analyzer, Sensitive Permissions, Role-Based Access Control (Rbac), Service Control Policies (Scp), Cloud Native Security

In this episode, hosts Jim McDonald and Jeff Steadman engage in a far-reaching discussion with John Podboy, a Senior Vice President in Cybersecurity for a major bank. They delve into the evolving landscape of identity in the banking industry, the impact of AI and indicators of compromise on identity data, and the potential future innovations like FIDO2 and passkeys. John also shares his insights on the importance of understanding business objectives and the role of identity in driving revenue and customer trust. Plus, don't miss the wine talk towards the end, where John reveals his passion for vineyards and the type of wine he would specialize in if he had his own.

Connect with John: https://www.linkedin.com/in/johnpodboy/

Identiverse 2024: As an IDAC listener, you can register with 25% off by using code IDV24-IDAC25 at https://events.identiverse.com/identiverse2024/register?code=IDV24-IDAC25

Attending the European Identity and Cloud Conference in Berlin? Use Discount Code: EIC24idac25 for 25% off. Register at https://www.kuppingercole.com/events/eic2024

Attending Identity Week in Europe, America, or Asia? Use our discount code IDAC30 for 30% off your registration fee! Learn more at:


Europe: https://www.terrapinn.com/exhibition/identity-week/
America: https://www.terrapinn.com/exhibition/identity-week-america
Asia: https://www.terrapinn.com/exhibition/identity-week-asia/

Connect with us on LinkedIn:

Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/

Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at idacpodcast.com and follow @IDACPodcast on Twitter.

In this episode, hosts Jim and Jeff sit down with Martin Kuppinger, Founder and Principal Analyst at KuppingerCole Analysts. Making his fourth appearance on the show, Martin shares what he's been up to since the last time they spoke in July 2023. The conversation also explores Martin's insights on who should be in charge of IAM and the role of the CISO, based on his LinkedIn post. The hosts and Martin then delve into a discussion about the upcoming 2024 European Identity and Cloud Conference in Berlin. Martin shares his impressions of the city, provides details about the conference, and gives advice for first-time attendees. They also discuss the main themes of this year's conference and what he's excited for. Finally, they discuss a KuppingerCole blog post about the end-of-life of SAP Identity Management.

Connect with Martin: https://www.linkedin.com/in/martinkuppinger/

Who should be in charge of IAM? And what's the role of the CISO?: https://www.linkedin.com/pulse/who-should-charge-iam-whats-role-ciso-martin-kuppinger-vpncc/?trackingId=94hCoE7ifcjDrxv93V72lw%3D%3D

SAP Identity Management End-of-Life: What’s Next?: https://www.kuppingercole.com/blog/kuppinger/sap-identity-management-end-of-life-whats-next

Identiverse 2024: As an IDAC listener, you can register with 25% off by using code IDV24-IDAC25 at https://events.identiverse.com/identiverse2024/register?code=IDV24-IDAC25

Attending the European Identity and Cloud Conference in Berlin? Use Discount Code: EIC24idac25 for 25% off. Register at https://www.kuppingercole.com/events/eic2024

Attending Identity Week in Europe, America, or Asia? Use our discount code IDAC30 for 30% off your registration fee! Learn more at:


Europe: https://www.terrapinn.com/exhibition/identity-week/
America: https://www.terrapinn.com/exhibition/identity-week-america
Asia: https://www.terrapinn.com/exhibition/identity-week-asia/

Connect with us on LinkedIn:

Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/

Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at idacpodcast.com and follow @IDACPodcast on Twitter.

In this sponsored episode, our hosts Jim and Jeff have an in-depth conversation with Gil Hoffer, the Co-Founder and CTO of Salto. They explore Gil's journey into the world of identity, the inception of Salto, and how the company is setting new standards in the field. The discussion delves into the unique features and benefits of Salto's services, as well as how organizations can measure their success with Salto. Listen in to learn about Salto's role in managing configurations and their vision for the future.

Connect with Gil: https://www.linkedin.com/in/gilhoffer/

Learn more about Salto: https://www.salto.io/idac

Salto on YouTube: https://www.youtube.com/@salto-io

Connect with us on LinkedIn:

Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/

Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at idacpodcast.com and follow @IDACPodcast on Twitter.

In this episode, hosts Jim McDonald and Jeff Steadman welcome Jeff Reich, Executive Director at the Identity Defined Security Alliance (IDSA), back to the IDAC Podcast for his third appearance. The main topic of discussion is Identity Management Day 2024. They deep dive into what's new with the IDSA, the exciting content to expect on Identity Management Day, and Jeff Reich shares his rapid-fire thoughts on AI, the Change Healthcare Cyberattack, converged identity vs. best of breed, and the top trends for identity tech firms.

Connect with Jeff Reich: https://www.linkedin.com/in/jreich/

Learn more about the IDSA: https://www.idsalliance.org/

Identity Management Day 2024: https://www.idsalliance.org/event/identity-management-day-2024/

Connect with us on LinkedIn:

Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/

Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/

Visit the show on the web at idacpodcast.com and follow @IDACPodcast on Twitter.