Threat Talks - Your Gateway to Cybersecurity Insights

From IPs to people



Detection fails without identity. 
When activity isn’t tied to a person, anomalies stop telling a story - they’re just signals without context. And when your logs only show IP addresses, your security team is left responding to shadows, not real risk. 

In this Threat Talks Deep Dive, Rob Maas (Field CTO, ON2IT) and Nicholai Piagentini (Technical Enablement Engineer, ON2IT) show how identity-based firewalling fixes that by enforcing policy based on who the user is, not where they connect from. The result: stronger network access control, cleaner zero trust firewall enforcement, and better enterprise security decisions. 

  • (00:56) - Intro - Detection fails without identity
  • (01:02:07) - Identity signals - users, devices, tags
  • (02:15:43) - Why identity-based firewalls win - zero trust & threat detection
  • (04:48:01) - Why teams skip it - “as-is” migrations & fear of complexity
  • (07:08:13) - Terminal servers - a network access control blind spot
  • (08:17:11) - NAT & service accounts - who is the real identity?
  • (10:15:12) - When user ID feels impossible - the wireless workaround
  • (11:12:12) - How to start safely - turn it on, validate, tighten policy
  • (14:16:30) - Not optional anymore - zero trust firewall due diligence
  • (15:30:01) - Best advice - start imperfect, identity data wins
  • (17:09:58) - Wrap - stop guessing, know who’s acting

  • Key Topics Covered
    • Why anomaly detection breaks without identity correlation in firewall logs
    • How identity-based policy improves network access control and reduces lateral movement
    • Common failure points: terminal servers, NAT, service accounts, AD timeouts
    • A low-risk rollout: enable for visibility first, then enforce zero trust rules

    Related ON2IT content & explicitly referenced resources
    https://threat-talks.com/
    https://on2it.net/
    https://www.ams-ix.net/ams

    Threat Talks connects cyber threats to operational reality, so CISOs and architects can make decisions faster.

    Subscribe, follow, and turn on notifications to stay ahead of what changes enterprise security next.


    🕵️ Threat Talks is a collaboration between @ON2IT and @AMS-IX


    By Threat Talks