Loading
Preparing your Intelligence workspace
We are restoring your source feed, E-Fraud Watch context, account state, and trust signals.
Loading
We are restoring your source feed, E-Fraud Watch context, account state, and trust signals.
Many organizations generate least-privilege IAM policies but never deploy them. That leaves existing permissions available for attackers to abuse after compromising workloads like CI/CD runners. Instead of depending on thousands of manually applied policies, Sandy Bird describes a behavioral approach: if an identity suddenly attempts a privileged action it has never performed before—like creating access keys—the request is blocked until approved. The goal is to stop attacker behavior even when permission cleanup hasn't happened. Is it more effective to continuously reduce permissions, or should organizations focus first on enforcing guardrails around unexpected privileged actions? Subscribe to our podcasts: https://securityweekly.com/subscribe #CloudSecurity #IAM #SecurityWeekly #Cybersecurity #InformationSecurity #AI #InfoSec
Trust cues for videos