I'm always thrilled to chat with ex-analysts, and Henrique Teixeira can cover a lot of ground with us on the topic of identity management and governance. The more I talk to folks about IAM/IGA, the more I'm shocked at how little has changed. If anything, it seems like we've gone backwards a bit, with the addition of cloud SaaS, mobile devices, and shadow IT. Identity is one of the most common entry points for attacks, so we've got to do better as an industry here.

We'll cover a variety of topics in this interview, including:

• Why Henrique chose to go to Saviynt from Gartner
• Vendor risk concentration in identity
• Resilience in identity, especially when depending on a SaaS IdP
• Identity attack evolution (and the creation of the ITDR category)
• What's working in identity to move things forward, and what is holding us back

This segment is sponsored by Saviynt. Visit https://securityweekly.com/saviynt to learn more about them!

In this week's enterprise security news,

1. Seed rounds are getting huge
2. Lots of funding for niche security vendors
3. Rapid7 acquires Noetic Cyber
4. but Rapid7 is also rumored to sell itself!
5. Slack battles infostealers
6. The loss of Chevron deference impacts cyber
7. Should cybersecurity put up a no vacancy sign?
8. Figma and Google both make some embarrassing mistakes
9. The RockYou2024 file does NOT contain 10 billion passwords
10. I introduce a new news category: AI indegestion

All that and more, on this episode of Enterprise Security Weekly!

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-367