identity-and-access-management
Safeguard articles tagged "identity-and-access-management" — guides, analysis, and best practices for software supply chain and application security.
9 articles
Top 10 Azure security risks and prevention
Real Azure breaches — BlueBleed, ChaosDB, OMIGOD, Midnight Blizzard — trace back to storage misconfigs, identity sprawl, and exposed secrets, not zero-days.
What is IAM (Identity and Access Management)
IAM defines who and what can access your systems, and getting it wrong is a root cause behind breaches at Capital One, Toyota, Uber, and CircleCI.
What is Single Sign-On (SSO)
SSO lets users log in once to access many apps — but it also concentrates identity into one high-value target. Here's how it works and its real risks.
Designing least-privilege custom roles with Azure RBAC
A practical guide to designing least-privilege custom roles in Azure RBAC, covering over-permissioning pitfalls, scoping, and audit strategies.
Best practices for using Azure Managed Identity instead o...
A step-by-step guide to Azure Managed Identity best practices: system vs user assigned identities, least-privilege roles, and secretless authentication.
Using Privileged Identity Management for just-in-time Azu...
A practical guide to using Azure conditional access PIM for just-in-time role activation, reducing standing privileges and strengthening least-privilege access.
OAuth and authentication patterns for Model Context Proto...
MCP OAuth authentication has been rewritten three times since March 2025. Here's how the spec, its token security model, and real CVEs like CVE-2025-49596 shape safe MCP deployments.
Cloud IAM privilege escalation paths explained
A breakdown of how cloud IAM privilege escalation paths work across AWS, GCP, and Azure, with real permission chains and breach examples.
AWS IAM policy misconfiguration vulnerability patterns
Wildcard policies, PassRole chains, and trust-policy gaps drive most AWS IAM breaches. Here's how these misconfiguration patterns actually get exploited.