StrongDM Blog (10)

What K-Pop Taught Me About Building Innovative, Usable Software

K-Pop, it turns out, is kind of like a great laboratory of what happens when you prioritize your audience. In a weird way, K-Pop bands are doing what

Vendor Access Management (VAM) Explained

Vendor Access Management (VAM) is the systematic control and oversight of vendor access to an organization's systems, applications, and data. It

Posts by Category:

What Is Fine-Grained Access Control? Challenges, Benefits & More

Fine-grained access control systems determine a user’s access rights—to infrastructure, data, or resources, for example—once past initial authentication. Unlike coarse-grained access control (CGAC), which relies on a single factor, such as role, to grant access, FGAC relies on multiple factors. For example, it may consider policies (policy-based access control, or PBAC), attributes (attribute-based access control, or RBAC), or a user’s behavior in a certain context (behavior-based access

Implicit Trust vs. Explicit Trust in Access Management

Trust is an essential cornerstone in access management. However, not all trust is created equal. When it comes to how you approach access, two types of trust stand out: implicit trust and explicit trust.

What’s New at StrongDM | November 2023

November has been an electrifying month for us, filled with anticipation and hard work. We are thrilled to share the latest and greatest from the team as we establish the foundation for our newest capabilities.

AWS re:Invent 2023 Recap: RDS for Db2, EKS Pod Identity & More

re:Invent 2023 was AWS’ 12th conference, and it did not disappoint. More than 50,000 of us descended onto Las Vegas for a week of learning, networking, and discussing all things cloud. The campus was insanely large, spanning most of the Las Vegas strip, so that meant we got our steps in! We had some fun along the way, as well, at the many social gatherings, parties and amazing musical experience re:Play.

Joiners, Movers, and Leavers (JML) Process (How to Secure It)

People come, and people go, and while digital identities should cease to exist after a departure, many times, this doesn’t happen. At any given time, organizations can have thousands of user identities to manage and track, so when processes aren’t automated, it’s easy for many identities to fall through the cracks. This phenomenon is called Identity Lifecycle Management, and when it comes to access and security, it’s worth the time to get it right.

Unlocking Continuous Zero Trust Authorization with Strong Policy Engine

We are thrilled to announce an exciting new addition to the StrongDM Dynamic Access Management (DAM) platform: Continuous Zero Trust Authorization. This powerful capability can help organizations leap forward in the Zero Trust journey by enabling continuous, contextual, and granular authorization and control over resources and data

Reduce Security Risk with StrongDM Device Trust

We are thrilled to announce a new feature to our StrongDM® Dynamic Access Management (DAM) platform: Device Trust. This feature amplifies your organization's security posture by employing device posture data from endpoint security leaders CrowdStrike or SentinelOne.

How to Meet NYDFS Section 500.7 Amendment Requirements

The New York Department of Financial Services (“NYDFS”) Cybersecurity Regulation is a set of comprehensive cybersecurity requirements that apply to financial institutions operating in New York. The goal of the regulation is to ensure that the cybersecurity programs of financial institutions have robust safeguards in place to protect customer data and the financial sector.

What’s New at StrongDM | October 2023

As the autumn leaves fall and Halloween costumes are tucked away, it's time to share product updates before we gather around the Thanksgiving table. This month, StrongDM dives into the passwordless future using cloud-native authentication to meet modern infrastructure demands. Also coming soon, keep an eye out for Device Trust: A new feature that adds critical context to your access connections and narrows the aperture for risk. Read the details below.

AWS Well-Architected Framework Security Best Practices

The AWS Well-Architected Framework has been a staple for many years for AWS practitioners of all sorts, including cloud architects and platform engineers. It’s a blueprint for architectural and design best practices that will lay the foundation for resilience, operational efficiency, and security on the AWS Cloud.

Fine-Grained vs. Coarse-Grained Access Control Explained

If credentials fall into the wrong hands, intruders may enter a network and launch a disastrous attack. In fact, 46% of cybersecurity incidents involve authentication credentials, according to the Verizon 2022 Data Breach Investigations Report. Organizations have two general ways to determine someone’s access rights once past initial authentication: Coarse-grained access control (CGAC), which relies on a single factor, and fine-grained access control (FGAC), which relies on multiple factors.

MITRE ATT&CK Framework Containers Matrix for Kubernetes

If you’re Kuberntes admin and you’re not familiar with the tactics outlined in the MITRE ATT&CK framework, this blog post is for you. MITRE ATT&CK framework is an extensive knowledge base of tactics and techniques employed by bad actors that defensive security experts use to help defend their organizations against attack, and many times, used by their offensive security counterparts to test their weaknesses.

8 9 10 11 12 33

Want to learn more?
See StrongDM in action. 👀

Book a Demo