John Martinez

Technical Evangelist, has had a long 30+ year career in systems engineering and architecture, but has spent the last 13+ years working on the Cloud, and specifically, Cloud Security. He's currently the Technical Evangelist at StrongDM, taking the message of Zero Trust Privileged Access Management (PAM) to the world. As a practitioner, he architected and created cloud automation, DevOps, and security and compliance solutions at Netflix and Adobe. He worked closely with customers at Evident.io, where he was telling the world about how cloud security should be done at conferences, meetups and customer sessions. Before coming to StrongDM, he lead an innovations and solutions team at Palo Alto Networks, working across many of the company's security products.

StrongDM has been featured in Forbes, The New Stack, VentureBeat, DevOps.com, TechCrunch, and Fortune.

Expertise

Authentication, Passwordless, Observability, Auditing, Identity and Access Management, AWS, Security, Access, Zero Trust, Secure Access Service Edge, Compare

Latest blog posts from John

What Is Passwordless Authentication? (How It Works and More)

In this article, we dive into passwordless authentication and some of the implications of using this verification method. You’ll learn about examples of passwordless authentication solutions, whether they're secure, and how it's different from multi-factor authentication (MFA). After reading this article, you’ll have a full understanding on how passwordless authentication works and how it can address today’s cybersecurity and access management challenges.

Data Observability: Meaning, Framework & Tool Buying Guide

Data observability can help companies understand, monitor, and manage their data across the full tech stack. In this article, you’ll learn what data observability is, the differences between data observability, monitoring, and data quality, and what information you can track with data observability. By the end of this article, you’ll discover how to implement data observability and find the right data observability tools for your organization.

Three Pillars of Observability Explained: Metrics, Logs, Traces

In this article, we’ll focus on the three pillars of observability. You’ll learn about the definitions, strengths, and limitations of each pillar. By the end of this article, you’ll know about their individual contributions and typical real-world challenges, tying them together for an overall view of your system.

Understanding the Difference Between IAM Roles and Policies in AWS

In this article, you’ll learn the difference between AWS roles vs. policies and see examples of each. By the end of this article, you’ll have a clear understanding of what distinguishes an AWS role from a policy, in addition to understanding the difference between IAM roles, users, and groups.

Observability vs. Monitoring: Understanding the Difference

Observability and monitoring are often used interchangeably, but there are key differences you should know between these two IT terms and the tools that enable them. In this article, we’ll explore the relationship and differences between observability vs. monitoring. Plus, you’ll learn about what makes observability and monitoring different from telemetry and application performance monitoring (APM).

Understanding GCP IAM Roles

In this article, you’ll learn about how GCP IAM works and the different types of roles that can be delegated to users as well as when those roles are most appropriate in the GCP environment. By the end of this article, you’ll have a clear understanding of the pros and cons of each different role type as well as their limitations.

Identity and Access Management (IAM) Best Practices

In this article, we'll list eleven Identity and Access Management (IAM) best practices and describe each one of them in detail. You'll also learn how to make these best practices standard in your organization.

Understanding Software-Defined Networking (SDN)

In this article, we will take a comprehensive look at software-defined networking (SDN). You’ll learn what it is, how it works, and what its benefits and disadvantages are. You’ll also learn how SDN compares to and works with other types of networks and get answers to common questions.

What is an Attack Surface? (And the Best Way to Reduce It)

Data breaches are a perpetual risk for modern organizations — and the wider your attack surface, the higher your organization’s risk of a breach. In this article, we will take a high-level look at what your attack surface is, what vectors and endpoints may be at risk, and how to analyze your attack surface.

What is SD-WAN? Everything You Need to Know

In this article, we’ll review what SD-WAN is, its history and development, as well as the key benefits and limitations of SD-WAN deployment. You’ll learn the difference between SD-WAN and WAN, VPNs, MPLS, and SDN and how the different services and solutions compare.

What Is Lateral Movement? (And How to Detect & Prevent It)

Lateral movement is when an attacker gains initial access to one part of a network and then attempts to move deeper into the rest of the network — typically via remote desktop tools or remote administration tools (RATs).

Alternatives to Pomerium

Pomerium is an "identity-aware proxy" which aims to disrupt the VPN industry. Pomerium works on just about any device, providing remote access management solutions for individuals to enterprise level companies. Pomerium works as a SASE solution which allows users to manage authentication and authorization of any internal or third party application. Essentially, Pomerium adds SSO capabilities to just about any application. However, if you're looking for a more robust way to manage access to

Alternatives to Proofpoint

Proofpoint is a SaaS based cybersecurity and compliance company which purchased Meta Networks in 2019. Proofpoint ZTNA (Meta Networks) is a Zero Trust Network Access provider that specializes in granting secure remote access from a user-level. They focus heavily on providing users with the ability to securely access company resources from any location, while ditching the need for a VPN. However, if you're looking for a simple and secure way, without expensive starting costs and required

Alternatives to Perimeter 81

Perimeter 81 is a cloud-based Secure Access Service Edge (SASE) platform that provides centralized access to local networks, applications, and cloud resources. The company takes a security-first approach and aims to disrupt the VPN industry by offering a simple and scalable network access alternative for organizations of all sizes. However, if you're looking for a more reliable and enterprise-ready solution to manage access to infrastructure, Perimeter 81 might not be the best solution for your

Want to learn more?
See StrongDM in action. 👀

Book a Demo