Susan Hall’s Post

Entra External ID: The New CIAM Offering! Last month, Entra External ID went GA, succeeding Azure AD B2C. Entra External ID integrates external identity management with internal, partner, and guest identities, unlike traditional B2C. This unified view simplifies management, governance, policy, security, and logging while adding features like fraud protection and verifiable credentials. Azure AD B2C is now a "legacy" product but may still be suitable for some solutions. Feature comparison. - Announcement Blog: https://lnkd.in/eWsP6xdG - What is CIAM? https://lnkd.in/eTXQ-kuB - B2C vs External ID Features: https://lnkd.in/e62tcYfv - External ID Developer Center: https://lnkd.in/eCTAG_cU

In today’s digital landscape, identity orchestration is crucial for large enterprises in financial services, retail, travel, and hospitality. By integrating disparate identity systems, it provides seamless user experiences with passwordless authentication, risk-based MFA, and single sign-on. Learn how identity orchestration boosts security and IT productivity. #CyberSecurity #IdentityManagement #DigitalTransformation #MFA #TechInnovation

News: Aldo Pietropaolo Joins Strata Identity as Field CTO - He will serve as the technical liaison with customers to understand their unique multi-cloud and hybrid cloud identity management requirements and challenges, and will provide expert guidance on implementing Strata’s Maverics platform to help customers achieve business goals, enhance security, and ensure regulatory compliance. “I’ve worked with Aldo several times over the past 25 years. He is one of the sharpest minds in identity management and has the unique ability to understand customer needs as well, and sometimes better than they do,” said Eric Olden, CEO of Strata Identity. “As Field CTO, he will play a central role in helping customers design, architect, and implement customized solutions using Strata’s Maverics for application and identity modernization, as well as identity continuity.” Prior to joining Strata Identity, Aldo Pietropaolo was at modern privileged identity management and authorization vendor SGNL, where he was director of solutions engineering. He was co-founder of Good Dog Labs and invented the first identity and access management microservices-based product (Perseus IAM). Good Dog Labs was acquired by Lighthouse Computer Services. Aldo has held senior management roles in identity solutions engineering and architecture with Identropy, PwC, HP, RSA and Securant. “Identity management is at an inflection point, as organizations modernize their applications and migrate from legacy on-premises identity systems to cloud-based identity providers like AWS, Microsoft, Okta, and others,” said Aldo Pietropaolo. “For a large enterprise, this transition requires rewriting hundreds, sometimes thousands of applications. Strata’s Maverics eliminates this problem with a unique identity fabric that performs orchestration across incompatible identity systems. I look forward to helping customers eliminate the high costs, friction, and long delays typically associated with identity modernization projects.”  https://lnkd.in/g9uDPGEg #NewHires #execs #cybersecurity #cloud #identity #IAM #IdentityOrchestration #modernization #hybrid #cloud #multicloud #security

The landscape can be overwhelming with so many Security Posture Management products emerging for applications, cloud, Kubernetes, and SaaS. Recently, I published a paper on what to expect from a security posture management solution. I've engaged with multiple enterprise customers, especially in industries like finance with complex structures—think insurance, retail banking, portfolio management, and wealth management, each with unique identity governance needs. In these conversations, I hear a consistent theme: a growing demand for decentralized identity governance. Large enterprises want to give each business unit the autonomy to choose tools, operate independently, and manage their security and business functions. However, this flexibility also calls for a centralized policy definition, governance, and monitoring layer to ensure compliance, manage risk, and maintain operational efficiency. This is where Identity Security Posture Management (ISPM) comes in—a concept that marries the principles of Security Posture Management with a Decentralized Identity Mesh. ISPM offers a centralized oversight layer for policy enforcement, governance, and monitoring, all while being decoupled from the identity solution itself. This heterogeneous approach supports centralized management across a multi-vendor, decentralized identity environment. I believe ISPM is the next step in identity security, and I’d love to hear your thoughts. And if any investors see the potential here, let’s talk! https://lnkd.in/gpMhqFWd

A great breakdown of how critical Workload Identity is getting in securely managing your compute.

🚀 Excited to share insights on how #Auth0 is revolutionizing access management in the logistics and supply chain industry! ✨ 🛡️Security & Efficiency: In the fast-paced world of logistics, #Auth0 stands out by ensuring data protection and streamlined access to critical systems. 🔑 Seamless User Onboarding: With out-of-the-box support for various Identity Providers (#IdPs), Auth0 makes user onboarding smooth and secure, reducing unnecessary delays. 👨💻 Developer Empowerment: Auth0's developer-friendly APIs and comprehensive documentation empower developers, accelerating deployment and innovation. 🏭 Leading Examples: Giants like @Siemens and @Atlassian leverage Auth0 to offer personalized, secure user experiences, highlighting the platform's impact across industries. 🌍 Digital Security Priority: In our digital-first world, Auth0's advanced security features, like multi-factor authentication, are crucial in protecting digital assets and building customer trust. 🛡️🔐 👉 This is a game-changer for anyone in #Logistics and #SupplyChainManagement looking to enhance operational efficiency and security. Let's embrace this digital transformation together! 📌 Check out the full article for more insights and success stories! https://lnkd.in/gigeyWX3 #DigitalTransformation #CyberSecurity #UserExperience #DeveloperTools #Innovation

New post from NovusVista about Keycloak.

At NovusVista Technologies, we’ve been working with Keycloak, a powerful open-source solution for identity and access management (IAM), and I wanted to share some insights on how we’re enhancing it with AI-powered Risk Detection and one of its standout features: multitenancy.   As businesses move towards scalable, cloud-based solutions, the need for smarter and more secure identity management is critical. AI integration in Keycloak takes security to the next level, offering real-time risk detection, which helps detect suspicious behaviors, prevent unauthorized access, and strengthen authentication flows. This makes it especially vital in multitenant environments, where you manage multiple user groups, applications, and clients within a single system.   🌟 What is Multitenancy in Keycloak? Multitenancy allows us to serve multiple distinct clients or organizations from a single Keycloak instance. Each tenant can have its own isolated environment with custom realms, users, authentication flows, and security settings. This is a game-changer for enterprises working in SaaS, multi-brand, or multi-client environments!   🚀 Benefits of Keycloak Multitenancy:   • Cost-Effective Scaling: Manage multiple tenants in one instance, reducing infrastructure costs while maintaining security isolation. • Customized Security: Tailor authentication and authorization processes for each tenant with individual configurations, making it easy to adapt to client-specific needs. • Seamless User Experience: Keycloak offers SSO across multiple tenants, improving the user experience by reducing the need to manage separate logins for different services. • Easy Integration: Multitenancy works seamlessly with OAuth2, OpenID Connect, and SAML, making it a versatile solution for integrating with modern applications.   🔑 Security & Implementation Best Practices:   1. Realm Isolation: By isolating realms for each tenant, you ensure data security and prevent cross-tenant data leakage. 2. Role-Based Access Control (RBAC): Implement RBAC for each tenant to enforce fine-grained access control, ensuring users only have access to their respective applications. 3. Client-Specific Policies: Define client-specific authentication flows and security policies to offer a flexible yet secure environment for each tenant. 4. Cross-Tenant SSO: For clients that need to access services across multiple tenants, Keycloak’s cross-realm SSO makes it easy without compromising security.   Whether you’re building SaaS platforms or managing multiple brands, Keycloak’s multitenancy can streamline identity management while ensuring strong security and flexibility.   Interested in how multitenancy can enhance your IAM strategy? Let’s connect and explore the possibilities!   #Keycloak #Multitenancy #IdentityManagement #AI #Security #NovusVista #IAM #OpenSource #CyberSecurity #TechInnovation   From: Puneet Gupta

In Forbes, Eric Olden, CEO of Strata Identity discusses the significant and costly challenge of managing applications across #distributed #IT environments and explains how an #application #fabric can help. #bestpractices #CISO #Identity #Execs

Authlete 3.0 empowers organizations to improve digital identity management: Authlete launched Authlete 3.0, offering support for OpenID for Verifiable Credential Issuance (OID4VCI). This new capability empowers organizations—including governments, financial institutions, and educational establishments—to revolutionize how they issue and manage user credentials. With the introduction of Authlete 3.0, Authlete now offers a simple API solution for quickly issuing interoperable verifiable credentials (VCs) conformant with OID4VCI. Built on OAuth and OIDC—proven and widely used global standards for authentication and authorization—OID4VCI supports various credential formats, including SD-JWT … More → The post Authlete 3.0 empowers organizations to improve digital identity management appeared first on Help Net Security.