identity-security
3 posts tagged identity-security.
-
The 28-Hour Bargain: How Continuous Access Evaluation Made Long-Lived Tokens Safe
How Microsoft Entra Continuous Access Evaluation lets access tokens safely live up to 28 hours by pairing them with a near-real-time revocation channel.
-
AD Is a Graph: How BloodHound Made Defenders Think Like Attackers
From Lambert's 2015 essay to Microsoft Security Exposure Management in 2024 -- how the attack-path graph became the default model for Active Directory security.
-
Privileged Identity Management: How a Two-State Role Assignment Retired Standing Admin
Microsoft Entra PIM did not add eight features. It added one field to the role-assignment object -- and everything else, from activation policies to GDAP, is downstream.