Identity Attack Vectors


Estimated Reading Time: < 1 minute

Honored to have had the privilege to write the forward to the third book of Morey Haber‘s trilogy of enterprise attack vectors. This installment, written with Darran Rolls, discusses the details of identity-based attacks and how to protect against them.

I’ve written frequently about the necessity of adequately managing the digital identities of our enterprise users. Morey’s latest addition to his series goes into detail around how to manage these assets on an enterprise-scale, from the most basic of concepts to how world-class companies approach identity management.

Highly recommended for security professionals of any level who need to understand the value of identities and the necessity of protecting them.


Copyright © 2002-2024 John Masserini. All rights reserved.


By JM

One thought on “Identity Attack Vectors, by Haber and Rolls”
  1. Thanks for sharing this, John! The book appears to be an excellent read, I will definitely add it to my 2020 reading list. The authors appear to support the (now proven) adage that ‘identity is the new perimeter’, and that the Zero Trust model is a worthwhile pursuit, insofar as IAM is concerned: “For identity as an attack vector, threat actors will target a persona and exploit weaknesses in how these account relationships are managed.” Looking forward to reading your forward as well!

Leave a Reply

Your email address will not be published. Required fields are marked *

Chronicles of a CISO