Moffatt’s Mystical Quartet

A humerus take to track this weeks events

Curated Industry Headlines

• Auth0: Refresh Token Security: Detecting Hijacking and Misuse with Auth0

• AWS: IAM Identity Center now supports customer-managed KMS keys for encryption at rest

• AWS: Automate OIDC client secret rotation with Application Load Balancer

• BBC: Cyber attack contingency plans should be put on paper, firms told

• FIDO Alliance: White Paper: FIDO and the Shared Signals Framework

• Frontegg: AI Agent Identity Management: The Future of Trust

• FusionAuth: Interview With Founder & CEO Brian Pontarelli About The State Of Homegrown Authentication

• Google: Announcing quantum-safe Key Encapsulation Mechanisms in Cloud KMS

• Keystrike: SIEM Blind Spot: Why Logging isn’t Enough

• UK NCSC: 2025 Annual Review

• Saviynt: Bets big on India, unveils its largest innovation hub in Bengaluru

• SGNL: JIT access is still standing access to your cloud

• SpecterOps: The Clean Source Principle and the Future of Identity Security

• Strata: Agent credential replay: Why bearer tokens are digital cash in a tornado

• StrongDM: Why Legacy PAM Fails in the Cloud (And the Cloud-Native Fix)

• Uber: Adding Determinism and Safety to Uber IAM Policy Changes

Identity Threat Intelligence Updates

• Broken Authorization in APIs: Introducing Autoswagger

• IAMhounddog: A tool to help pentesters quickly identify privileged principals in AWS

• SAMLSmith: Tool for crafting Golden and Silver SAML Attacks

• Salty 2FA: Phishkit Overview

Up Coming Event Attendance:

• Crowdstrike Crowdtour Manchester - Oct 22 (attendee)

• Future Identity Festival - London - Nov 10/11 (hosting panels NHI/cloud)

• Blackhat EMEA - London - Dec 10/11 (attendee)

Free Identity Security Cheat Sheets

• Cheat Sheet: Top 30 IAM Metrics for B2C

• Cheat Sheet: Top Metrics for B2E IAM

• Cheat Sheet: MCP Security

• Cheat Sheet: Agentic-AI Identity Security

From The Archives

Last Months Industry Webinar:

• 17 September - Detect, Protect and Defend: A Holistic Approach to Human and Non-Human Identity Security with Permiso

Reserve Your Seat

Recent Podcasts

• E63 The Analyst Brief: Are Identity Platforms Legacy? The Rise of Identity Information Flows

Recent Research Reports:

• The Cyber Hut: A Market Guide to Identity Security Posture Management (ISPM): The Role of Data-Centric Identity Observability

Recent Insight and Comment:

• Shifting Left of Boom in Identity

• Stale access, stale risk: is Continuous Identity the answer?

• Comment on the role of IAM in Operational Technology for Industrial Cyber magazine

• Interview on Ep. 118 Identerati Office hours sponsored by Gluu (Future of IAM)

• Interview in Issue 02 IAM360 magazine by Thales (The new meaning of identity)

• Migrating to Data-Centric ISPM

• Siloes of Failure: Identity as the Unifying Control

Recent Industry Webinars

• Identity-First Security for AI Agents with Token Security

• Addressing the IAM Data Problem: A fireside chat with Radiant Logic

• An Identity Security Playbook: The What and The Why with Silverfort

• Putting the AI in IAM a fireside chat with Apono

• Too Many IDPs: Why Now, How to Rationalize?

• The First Step to Tackling the NHI Security Challenge

• Addressing Blind Spots in Identity Security for 2025

Recent Academy Episodes:

• 37: What is Identity Risk Management?

• 36: What is Identity Data Management?

• 35: What are Initial Access Brokers?

• 34: What is SPIFFE?

• 33: What Role does AI play in IAM?

Recent Vendor Assessment Reports:

Recent Vendor Introduction Interviews:

Recent Video Shorts:

Order IAM and Identity Security Books on Amazon:

• IAM at 2035: A Future Guide to Identity Security - Paperback, Audio, Kindle and Hardback

• CIAM Design Fundamentals - Paperback, Audio and Kindle

Download Latest 120 Vendor Directory