Skip to Content
Identity Attack Vectors: Implementing an Effective Identity and Access Management Solution
book

Identity Attack Vectors: Implementing an Effective Identity and Access Management Solution

by Morey J. Haber, Darran Rolls
December 2019
Intermediate to advanced content levelIntermediate to advanced
205 pages
5h 2m
English
Apress

Overview

Discover how poor identity and privilege management can be leveraged to compromise accounts and credentials within an organization. Learn how role-based identity assignments, entitlements, and auditing strategies can be implemented to mitigate the threats leveraging accounts and identities and how to manage compliance for regulatory initiatives.

As a solution, Identity Access Management (IAM) has emerged as the cornerstone of enterprise security.  Managing accounts, credentials, roles, certification, and attestation reporting for all resources is now a security and compliance mandate. When identity theft and poor identity management is leveraged as an attack vector, risk and vulnerabilities increase exponentially. As cyber attacks continue to increase in volume and sophistication, it is not a matter of if, but when, your organization will have an incident. Threat actors target accounts, users, and their associated identities, to conduct their malicious activities through privileged attacks and asset vulnerabilities.

Identity Attack Vectors details the risks associated with poor identity management practices, the techniques that threat actors and insiders leverage, and the operational best practices that organizations should adopt to protect against identity theft and account compromises, and to develop an effective identity governance program.


What You Will Learn

  • Understand the concepts behind an identity and how their associated credentials and accounts can be leveraged as an attack vector
  • Implement an effective Identity Access Management (IAM) program to manage identities and roles, and provide certification for regulatory compliance
  • See where identity management controls play a part of the cyber kill chain and how privileges should be managed as a potential weak link
  • Build upon industry standards to integrate key identity management technologies into a corporate ecosystem
  • Plan for a successful deployment, implementation scope, measurable risk reduction, auditing and discovery, regulatory reporting, and oversight based on real-world strategies to prevent identity attack vectors


Who This Book Is For

Management and implementers in IT operations, security, and auditing looking to understand and implement an identity access management program and manage privileges in these environments

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Securing the Perimeter: Deploying Identity and Access Management with Free Open Source Software

Securing the Perimeter: Deploying Identity and Access Management with Free Open Source Software

Michael Schwartz, Maciej Machulak

Publisher Resources

ISBN: 9781484251652Purchase LinkPublisher Website