Henrique Bernardes B Teixeira’s Post

View profile for Henrique Bernardes B Teixeira, graphic

SVP Strategy @ Saviynt | Identity advisor | Keynote speaker | Research analyst, author, market creator | ex-Gartner, Microsoft, IBM

Hot take 🔥: I’ve had heated debates about “visibility” during my last few weeks in the circuit of cyber conferences - visibility alone, access path graphs, are nothing more than eye candy for presales. 📊 There is NO business driven outcome that can be justified only by “showing who has access to what”. NOTHING of meaningful value comes out of it, unless there are insights that can pinpoint and prioritize exposures that need to be fixed NOW. And then go and fix it. So…. Yeah, a visibility graph is not a “platform”. It’s just a graph. Say it with me: identity visibility without insight is like a baby 🍼crawling through a room and sticking its finger into a power outlet. ⚡️ #visibility #iam #ispm #itdr #ciem #iga

View profile for Rohit Agnihotri, graphic

IAM Executive | Podcaster | Speaker

I feel like there are too many vendors in security space, just selling 'visibility'. The remediation capabilities are either non-existent or non-scalable. #theidentitynavigator

Melanie Meyer Sommer

Creative Strategist ✨ Collaborative Leader ❤️Cybersecurity Marketer

6mo

💯 agree - you need visibility to get to rapid, precise actionability! Start with visibility into how your identities are structured, what they're doing, their risk scores and privileges...and, you can go from there: Proactive identity hygiene, prioritized risk insights and compliance violations, real-time identity threat detection and response, guided and automated remediations, etc. Without a unified, end-to-end view into your identities WITH risk insights and contextual insights, you are still operating in the dark. Having visibility with actionability - that's the ticket! Check out www.rezonate.io and see what I'm talking about.

Rebecca (Becky) Archambault

Senior Director Analyst-IAM at Gartner

6mo

Like everything in #IAM it’s a journey. Discovery is step#1- but it typically is done in silos and isn’t continuous; Visibility is next- showing relationships across silos; then observability- adding risk intelligence and prompting action to occur- in the authoritative source. Bad process within your environment will become apparent- which is key to finally shrinking that attack surface.

Deepak Gupta

Head of Products @ Pathlock • Enterprise B2B SaaS • Driving innovation and success • ex-SAP, ex-Oracle

6mo

Maybe i missed something.. Wouldnt visibility give insights as to what access there is.. the classic can do or did do.. And those insights can be used to "fix that access" Ofcourse fixing is easier said then done, but a topic for another day.. Or did you mean something else?

Like
Reply
Gautam Dev

CEO | Cybersecurity | G'Day, Today #Believe!

6mo

#devsays - True that... Suggesting just that an identity has access doesn't matter unless you specify why it has access, the risk, if it should have it in the first place and why so... Love the bottomline analogy Henrique Bernardes B Teixeira

See more comments

To view or add a comment, sign in

Explore topics