/plushcap/analysis/veza/a-field-guide-to-bad-permissions-part-2-expired-permissions

A field guide to bad permissions part 2: expired permissions

What's this blog post about?

The increasing scale and complexity of identity security due to cloud migration has led to the need for new approaches to manage risky permissions. Expired permissions are one such issue that arises when necessary permissions granted to employees or service accounts are not revoked after their purpose is fulfilled. This can happen because IAM teams prioritize urgent work over removing access no longer needed, and it's difficult to recognize expired permissions without full context. To fix this problem, organizations need to create a culture of access removal and continuously monitor for bad permissions using tools like Veza's Authorization Graph.

Company
Veza

Date published
Nov. 30, 2023

Author(s)
Kale Bogdanovs

Word count
1219

Hacker News points
None found.

Language
English


By Matt Makai. 2021-2024.