identity access management

Conclusion:

As organisations flesh out their detection and response strategies, one new area of applicability of this technology deserves serious consideration. The new area is identity detection and response (IDR). Most of the current detection capabilities are clustered around the malicious actor’s activity across the infrastructure. Activities such as lateral movement using networks, system compromise using fileless malware, and even social engineering users to act on the attacker’s behalf.

Yet identity is the holy grail sought out by malicious actors in almost every penetration of a system. It is central to every IT environment. Organisations should examine IDR and assess the visibility it may bring to their detection systems.