TechSpective Identity and Access Management Coverage
TechSpective’s Identity and Access Management section covers one of the most rapidly shifting domains in enterprise security — where the definition of “identity” itself is being rewritten by AI agents, non-human accounts, and automated traffic that now outnumbers human users online.
A dominant theme is the identity problem that agentic AI has introduced. Articles examine why enterprises are deploying AI agents without proper access governance, how non-human identities require the same lifecycle management as human employees, and why treating AI agents as untrusted devices is a practical security necessity. The section also addresses the uncomfortable reality that identity is now the primary attack vector — and that recovery after a breach is increasingly an identity problem, not just a data restoration problem.
On the infrastructure side, coverage digs into Active Directory resilience and the shrinking pool of engineers who actually understand on-premise Microsoft identity environments, alongside analysis of how platforms like Cayosoft, Druva, and Rubrik are approaching identity resilience and recovery. Browser security as an identity control surfaces through coverage of CrowdStrike’s acquisition of Seraphic.
Contributors are led by Tony Bradley, a CISSP-ISSAP credentialed journalist and Air Force veteran. The audience includes identity architects, IAM engineers, CISOs, and security operations teams navigating a perimeter-free environment where controlling access — human and machine — is the core security challenge.
There’s a moment in my conversation with Bob Bobel where he mentions that customers are having a harder time finding people who actually know Active Directory. Not cloud identity — the old on-premise stuff that most large organizations still run. […]
The Microsoft Enterprise Recovery Problem AI Can’t Fix Read More »
Most identity attacks don’t begin with malware. They start with a valid credential — a misconfigured account, an over-privileged service identity, or stolen credentials that give an attacker a quiet way in. By the time anyone knows something is wrong,
How Cayosoft Is Pushing Identity Security ‘Left’ of the Attack Read More »
Automated traffic on the internet grew nearly eight times faster than human traffic in 2025. The more important shift isn’t the volume—it’s what that automation is actually doing now. For years, the bot problem was mostly a nuisance. Scrapers grabbed
The Internet Is No Longer Built For Humans Read More »
The Air Canada chatbot case from a couple of years back was a preview. The bot gave a customer incorrect information about bereavement fares. Air Canada tried to disclaim responsibility. A tribunal ruled that the airline owned what its AI
The Case For Treating AI Agents Like Untrusted Devices Read More »
For a long time, cyber recovery meant restoring data. Get the servers back online, recover the files, and reset some passwords. Identity was something you dealt with after the real work was done. That thinking is getting organizations into trouble.
Identity Resilience Is the Real Cyber Recovery Problem Read More »
Most security teams have more data than they know what to do with. Alerts, dashboards, telemetry feeds—all of it pointing at things that need attention. The problem isn’t that they can’t see the risks. It’s that seeing them and actually
AI Is Helping Security Teams Move from Detection to Action Read More »
ink about the last time you onboarded a new employee. You set up their accounts, figured out what systems they needed access to, and provisioned the right permissions. When they changed roles, you updated the access. When they left, you
Enterprises Are Deploying AI Agents Without Governing Their Access Read More »
For years, identity security has revolved around people. Employees log into systems. Contractors access shared tools. Partners connect to platforms through federated identities. Identity governance programs were designed to manage those relationships—who someone is, what they can access, and when
From Identity Visibility To Agentic Access Management Read More »
I’ve been a fan of the Mission: Impossible movies for as long as Ethan Hunt has been saving the world from certain doom. There’s something endlessly compelling about watching Hunt and his team race against impossible odds—outthinking adversaries, adapting on
The New Perimeter Is Identity—and It’s Moving Faster Than We Are Read More »
The browser sits in an awkward place in enterprise security. Everyone knows it matters. It’s where users work, where applications run, and where data moves. But it is also treated as something adjacent to “real” security controls—either locked down with
CrowdStrike Acquires Seraphic to Address a Dangerous Security Blind Spot Read More »
