Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

one identity

Ephemeral accounts don't leave an audit trail, and that's a problem

Sep 25, 2025 By Richard Hosgood In One Identity
Ephemeral accounts are temporary, high-privilege accounts created for short-term use. They’re a convenient way to get quick, temporary access to systems, data or applications for one-off tasks. Need temporary admin rights for a few minutes? Just create an ephemeral account, complete your task and move on. But behind the convenience of these temporary credentials loom serious security threats.
Read Post
syteca

Why Do You Need a Just-in-Time PAM Approach?

Sep 24, 2025 By Ekran In Syteca
Privileged accounts are keys to critical systems and data. These keys can be dangerous if misused. The just-in-time (JIT) approach to privileged access management (PAM) solves this issue by aligning access, user needs, and time. In this post, we explain what just-in-time privileged access management is and how it helps organizations enhance their cybersecurity.
Read Post

Episode 4: Bring automation to the heart of your privileged access workflows with PAM360

Sep 24, 2025 By ManageEngine In ManageEngine
Enterprise security isn’t just about controlling who gets access. It’s about making those access workflows efficient, consistent, and free from error. In this episode of the PAM Masterclass, we’ll walk you through how PAM360 transforms repetitive admin work into automated, policy-driven workflows. It covers how to grant access only when required, revoke it automatically, and manage critical administrative tasks without manual effort, all while strengthening the organization’s security posture.
View Video
Tines

Why traditional IAM can't keep up, and how orchestration can fix it

Sep 23, 2025 By Stephen McKenna In Tines
Identity touches everything in modern IT. Whether it’s logging into email, provisioning a VM, or accessing a CRM, identity and access management (IAM) is the digital backbone of work. Yet the controls meant to safeguard it haven’t kept up with the scale, speed, and complexity of today’s environments. The cracks show up everywhere.
Read Post
apono

ShaiHulud, Nx & S1ngularitystyle Attacks: How JIT Access Stops the Chain Reaction

Sep 19, 2025 By The Apono Team In Apono
The Shai‑Hulud worm and the Nx / S1ngularity attacks show how token‑stealing malware, vulnerable workflows, and always‑on elevated permissions allow cascading compromise. Enforcing JIT access on repository, organization owner/admin roles, and team‑based inherited permissions sharply reduces exposure, limits damage, and strengthens audit/compliance posture.
Read Post
apono

ShaiHulud worm and the Nx / S1ngularity attacks: How-to use JIT Access to Stop the Chain Reaction

Sep 19, 2025 By The Apono Team In Apono
The Shai‑Hulud worm and the Nx / S1ngularity attacks show how token‑stealing malware, vulnerable workflows, and always‑on elevated permissions allow cascading compromise. Enforcing JIT access on repository, organization owner/admin roles, and team‑based inherited permissions sharply reduces exposure, limits damage, and strengthens audit/compliance posture.
Read Post
apono

The Required API Security Checklist [XLS download]

Sep 17, 2025 By The Apono Team In Apono
APIs are the foundation of modern applications, and attackers know it well. A single misconfigured endpoint or exposed token can give adversaries a direct path into sensitive systems and data across your environment. Your already overburdened security teams can’t afford to miss what may be their fastest-growing attack surface. How fast-growing is the threat?
Read Post
one identity

Understanding non-human identity management: Lessons from a PeerSpot One Identity use case

Sep 16, 2025 By PeerSpot In One Identity
The management of non-human identities (NHI) presents unique challenges that many identity and access management professionals are still learning to navigate. Service accounts, provisioned accounts, and automated system credentials require governance approaches that differ significantly from traditional user management.
Read Post
one identity

NIS2 and your admin accounts: Are you ready?

Sep 16, 2025 By Alan Radford In One Identity
The NIS2 Directive (NIS2) is now in effect, but some organizations still haven’t taken action – risking a sharp reckoning as the directive marks a major shift in compliance requirements. Compared to other cybersecurity legislation, NIS2 is less about ticking compliance boxes and more of a ground-up rethink of an organization’s entire security posture, especially when it comes to privileged access. We’ve seen this before with GDPR.
Read Post
one identity

Managing Microsoft Teams the right way: Balancing freedom and control

Sep 16, 2025 By Reto Bachmann In One Identity
Microsoft Teams has become the standard tool for digital collaboration in companies, public institutions and organizations alike. The platform offers all the functions modern teams need: Chat, meetings, file storage, project collaboration and more – fundamentally changing the way we work together across states and countries. But despite all the enthusiasm, Teams is not without its drawbacks – especially when used without proper control.
Read Post

Copyright © 2026 OpsMatters™. All rights reserved.