Welcome to IAM Security, a technical blog focused on practical identity security.
This site covers Microsoft Entra, SailPoint IIQ, CyberArk, AWS IAM, OAuth, OIDC, SAML, workload identity federation, privileged access, identity governance, and related security architecture topics.
SailPoint IIQ, lifecycle management, access reviews, roles, and policy enforcement.
CyberArk, vaulting, privileged sessions, password rotation, and break-glass access.
AWS IAM, Azure identity, cloud permissions, cross-account access, and least privilege.
OAuth, OIDC, SAML, MFA, Conditional Access, and federation architecture.
WIF, service principals, managed identities, non-human identities, and machine access.
Identity-centered security, continuous verification, and risk-based access.
A practical model for understanding how permissions spread across Microsoft Entra, Azure RBAC, PIM, groups, service principals, managed identities, and scope inheritance.
Categories: Cloud IAM , Authentication & Federation , Zero Trust Architecture
Tags: microsoft-entra , azure-rbac , pim , permission-sprawl , least-privilege , identity-governance , zero-trust
Series: Microsoft Entra Security
A practical introduction to Microsoft Entra Conditional Access and how it fits into modern identity security.
Categories: Authentication & Federation , Zero Trust Architecture
Tags: microsoft-entra , conditional-access , zero-trust , mfa
Series: Microsoft Entra Security