The Identity Defined Security Alliance (IDSA), a nonprofit that provides vendor-neutral education and resources to help organizations reduce the risk of a breach by combining identity and security strategies, today announced several new members and two new technical working groups.
Rebecca Archambault, trusted identities leader for health insurance organization, Highmark Western and Northeastern New York, and H-ISAC Identity Working Group Lead, has joined the IDSA Customer Advisory Board (CAB) where she will provide her user perspective on the importance of identity in security strategies and help shape the work of the IDSA. Axiad, Ermetic, Sharelock, and Silverfort have also become IDSA members, joining over two dozen security vendors and solution providers committed to working together to develop vendor agnostic guidance on identity centric approaches to cybersecurity. Lastly, the IDSA has published new NIST Framework mapping and established two new technical working group subcommittees focused on developing specific resources around Cloud Infrastructure Entitlement Management (CIEM) and Machine Identity.
New Vendor Members
Axiad provides enterprises with a simple and smart passwordless solution which empowers users and IT teams to break up with their passwords and achieve complete trust across their digital ecosystem. Whether you need to secure your employees, their online interactions, or your machines and devices, Axiad ensures strong authentication with FIDO, MFA, and PKI all in one platform.
Ermetic provides identity-first security and compliance for AWS, Azure, and GCP. In one easy-to-use SaaS platform, Ermetic combines cloud identity governance and security posture management – for comprehensive risk mitigation across multi-cloud identities, network, data, and workloads.
Sharelock.ai is a leading provider of AI-powered Identity Behavioral Insights for the Zero Trust Identity architecture. Founded by CrossIdeas Identity veterans, Sharelock bridges the gap between Identity Management and Security Intelligence, enabling business users to prevent security risks connected to anomalous user behaviors, early on rather than ‘too late.’
Silverfort has created a Unified Identity Protection Platform that consolidates security controls across corporate networks and cloud environments to block identity-based attacks. Using innovative agentless and proxyless technology, Silverfort seamlessly integrates with all existing IAM solutions extending their coverage to assets that cannot otherwise be protected including homegrown/legacy applications, IT infrastructure, file systems, command-line tools, machine-to-machine access, and more.
New Focus Areas and Resources Groups
NIST Framework Mapping
For those organizations utilizing the NIST Cybersecurity Framework v1.1 and other publications from NIST and interested in further boosting their security posture through Identity Defined Security, the IDSA TWG subcommittee has developed a mapping of Identity Defined Security Outcomes to the Framework, SP 800-207 Zero Trust Architecture, and SP 800-63 Digital Identity Guidelines.
Cloud Infrastructure Entitlement Management (CIEM)
This group will study and develop guidance on the role of identity in CIEM and how this entitlement is different from general cloud identity management. The technical working group subcommittee will be headed by Shawn Larsen of Ermetic.
This group will study how the explosion of machine identities has created a significant attack vector in the enterprise and how identity defined security can be used to reduce the risk of a bad actor exploiting them. This subcommittee will be headed by Vieri Tenuta of Atos, and Cory Parsons of Venafi.
To access free, vendor-neutral resources from the IDSA, including best practices, webinars, whitepapers, research, thought leadership and more, visit https://www.idsalliance.org/.
About the Identity Defined Security Alliance
The IDSA is a group of identity and security vendors, solution providers, and practitioners that acts as an independent source of thought leadership, expertise, and practical guidance on identity centric approaches to security for technology professionals. The IDSA is a nonprofit that facilitates community collaboration to help organizations reduce risk by providing education, best practices, and resources.