Audio Cast:

Takeaway Points:

• Relatively new definition appearing regularly in the last 3 years

• Definition is not standardised and many vendors describe it in different ways

• What is the problem being solved?

• IAM infrastructure becoming regular adversarial target - why?

• IAM components often isolated, poorly integrated and create trust and visibility blind spots

• IAM components - including relying systems spread across different deployment locations - on-prem, private cloud, containers, virtual, cloud service providers, SaaS

• Introduces disconnected detection, protection and response issues

• ITDR aims to provide overlay technology to protect end to end life cycle of identities

• I in ITDR: all IAM components, data and activity analysis, multiple identity types including customers, workforce and non-human/workloads

• T in ITDR: threat analysis, external intelligence, vulnerability analysis of data and static components, threat informed defence, risk based approach to modelling

• D in ITDR: rule and behaviour based detection of issues, misconfiguration and posture, abnormal activity

• R in ITDR: semi-automated and automated response, chatops integration, alteration of in-flight access and long term policy

Arrange Training