<img src="https://ws.zoominfo.com/pixel/6169bf9791429100154fc0a2" width="1" height="1" style="display: none;">
Curious about how StrongDM works? 🤔 Learn more here!
Search
Close icon
Search bar icon
Search
Close icon
Search bar icon
John Martinez

John Martinez

Technical Evangelist, has had a long 30+ year career in systems engineering and architecture, but has spent the last 13+ years working on the Cloud, and specifically, Cloud Security. He's currently the Technical Evangelist at StrongDM, taking the message of Zero Trust Privileged Access Management (PAM) to the world. As a practitioner, he architected and created cloud automation, DevOps, and security and compliance solutions at Netflix and Adobe. He worked closely with customers at Evident.io, where he was telling the world about how cloud security should be done at conferences, meetups and customer sessions. Before coming to StrongDM, he lead an innovations and solutions team at Palo Alto Networks, working across many of the company's security products.

StrongDM has been featured in Forbes, The New Stack, VentureBeat, DevOps.com, TechCrunch, and Fortune.

Expertise

Authentication, Access, Identity and Access Management, Observability, Auditing, Security, Zero Trust, Compliance, Compare, Dynamic Access Management, DevOps

Latest blog posts from John

7 Reasons for Enterprises to Adopt Multi-Factor Authentication (MFA)
7 Reasons for Enterprises to Adopt Multi-Factor Authentication (MFA)
The world we operate in today is far different than it was even a couple years ago. More employees work from remote locations (as of late 2023, more than 12% of U.S. workers are fully remote), and more companies engage the services of freelancers and other outside workers. Organizations must recognize that the traditional physical boundaries no longer apply. They now need to secure a vast array of devices used by employees spread across various locations.
The Importance of Multi-Factor Authentication (How It Works)
The Importance of Multi-Factor Authentication (How It Works)
Getting users' passwords isn’t really that hard anymore. In fact, bad actors employ advanced technology that allows them to snowshoe (test billions of password combinations per second), rendering 90% of user-generated passwords susceptible to attacks. MFA significantly enhances security by requiring a second piece of information to verify a user’s identity. The additional 20 seconds a user spends receiving a code via SMS provides a level of protection that a password alone cannot offer.
What Is User Provisioning? How It Works, Best Practices & More
What Is User Provisioning? How It Works, Best Practices & More
User provisioning is the process of managing user access within an enterprise. It involves creating, managing, and deprovisioning user accounts and access rights across various systems and applications. This includes setting up accounts, assigning roles and permissions, and managing identities.
Audit Logging: Examples, Best Practices, and More
Audit Logging: Examples, Best Practices, and More
Audit logging is essential for maintaining a secure and compliant IT infrastructure. By capturing detailed records of system activities, audit logs provide insights into user actions, system events, and potential security threats. Understanding audit logging helps you identify and address vulnerabilities, ensure regulatory compliance, and enhance overall system integrity.
Zero Trust vs. VPN: What Solution Is Right for You?
Zero Trust vs. VPN: What Solution Is Right for You?
Understanding the core differences between a Zero Trust architecture and a Virtual Private Network (VPN) is an important step in shaping your organization’s cybersecurity strategy. Zero Trust and VPNs offer distinct approaches to security; knowing their functionalities and security philosophies helps you understand when to select one or the other to protect your data effectively—a strategic necessity for robust cybersecurity.
NSA Zero Trust Maturity Guidance Explained (TL;DR Version)
NSA Zero Trust Maturity Guidance Explained (TL;DR Version)
StrongDM is pleased to see that, in April 2024, the National Security Agency of the United States, has released a Cybersecurity Information (CSI) sheet that recommends why and how organizations, public and private, should adopt the Zero Trust (ZT) security model for their data tier of infrastructure. At the core of the recommendations, an organization needs to know what data it possesses, how that data is being accessed, and how to control access to that data.
9 User Authentication Methods to Stay Secure in 2024
9 User Authentication Methods to Stay Secure in 2024
User authentication plays an essential role in securing networks and ensuring that only authorized users can access sensitive data. As our infrastructure transitions from traditional on-premises setups to cloud and hybrid environments, our authentication methods must continue evolving.
Cybersecurity Audit: The Ultimate Guide for 2024
Cybersecurity Audit: The Ultimate Guide for 2024
A cybersecurity audit is a comprehensive assessment of your organization's information systems, networks, and processes that identify vulnerabilities and weaknesses that cybercriminals could exploit. The audit also evaluates the effectiveness of your security controls, policies, and procedures and determines if they align with industry best practices and compliance standards.
Top 9 Zero Trust Security Solutions in 2024
Top 9 Zero Trust Security Solutions in 2024
Zero trust is a security and authentication model that eliminates the assumption of trust and shifts the focus from a traditional security parameter, like a VPN or firewall, to the individual user. Nearly all (92 percent) cybersecurity professionals agree that it’s the best network security approach that exists. In this article, we’ll evaluate the top nine zero trust solutions and help you decide which is right for your organization.
StrongDM vs. AWS SSM Session Manager: Side-by-Side Comparison
StrongDM vs. AWS SSM Session Manager: Side-by-Side Comparison
Both AWS Systems Manager (SSM) Session Manager and StrongDM are solutions for gaining remote access to critical infrastructure. Yet, while they share some of the same capabilities required of an enterprise access management platform, the execution and the ultimate goals they accomplish for security and compliance teams are very different.
Unauthorized Access: Types, Examples & Prevention
Unauthorized Access: Types, Examples & Prevention
Unauthorized access—the unauthorized entry or use of an organization's systems, networks, or data by individuals without permission—is a common way for bad actors to exfiltrate data, inject malicious code, and take advantage of all types of breaches, and can have severe consequences for an enterprise and its customers.
XZ Utils Backdoor Explained: How to Mitigate Risks
XZ Utils Backdoor Explained: How to Mitigate Risks
Last week, Red Hat issued a warning regarding a potential presence of a malicious backdoor in the widely utilized data compression software library XZ, which may affect instances of Fedora Linux 40 and the Fedora Rawhide developer distribution. CISA, or Cybersecurity & Infrastructure Security Agency, confirmed and issued an alert for the same CVE.
Unmasking Cozy Bear (APT29): The Urgent Need for Continuous Authorization
Unmasking Cozy Bear (APT29): The Urgent Need for Continuous Authorization
Cozy Bear specializes in targeting governments, diplomatic entities, non-governmental organizations (NGOs), and IT service providers, primarily in the U.S. and Europe. These state-sponsored groups aim to clandestinely gather strategic and sensitive information for Russia, maintaining prolonged access without raising suspicions.
Leveraging CSA CCM with StrongDM for Enhanced Cloud Security
Leveraging CSA CCM with StrongDM for Enhanced Cloud Security
The CSA CCM is a cybersecurity control framework specifically designed for cloud computing. It outlines a comprehensive set of best practices and security controls across 17 domains that are designed to ensure that cloud environments are secure and resilient against an ever expanding threat landscape. The CCM framework is structured to provide clarity and actionable guidance for the implementation of security measures in a prescriptive and adaptable way for recognized compliance standards and
new-strongdm-desktop-app-ui
Want to learn more?
See StrongDM in action. 👀
Book a Demo