Death by a Thousand Control Planes: The Reality of Modern Privileged Access

OVERVIEW

We are hurdling through a period of profound change to our business applications, mostly unnoticed from the perspective of privilege. These applications that run our enterprises, which hold our business-critical data, have historically been sheltered by our corporate networks. As we modernize and move to a world of software-as-a-service (SaaS), we introduce new attack surfaces, and new control planes. The simplification and agility that Salesforce, Workday, ServiceNow, and the infinity of other SaaS applications out there bring to our businesses, they present a new challenge for defining who, and what, is privileged access.

In this session, we will explore the reality of modern privileged access and its intersection with modern authentication and identity management. We will define the new attack surfaces SaaS applications present and the challenges they bring to securing the enterprise estate. We won’t just discuss theory; we will walk through common integration patterns and the challenges with privileged access that arise. Moreover, we will outline the road ahead and provide actionable steps organizations should take to protect their enterprises, applications, and data, in our SaaS-driven world.

Presented By

Eric Woodruff Headshot

ERIC WOODRUFF

Senior Security Researcher, Semperis