SGNL

Questions that matter: How to spot security vaporware before it wastes your time Cut through the buzzwords and get to the truth with smarter questions that reveal whether a security product actually works

Security vendor buzzword bingo getting exhausting? Erik Gustavson's new guide cuts through the vendor noise with smart questions that separate real capabilities from marketing spin. 🔗 sgnl.ai/2025/09/guid...

Stale access, stale risk: is Continuous Identity the answer? Featured guest post. Traditional IAM was built for a static world that no longer exists—discover why point-in-time identity decisions can't keep pace with today's dynamic business environment and …

Stale access = silent security killer. Sessions stay active after termination, compromised devices go undetected, access decisions ignore real-time risk.

Simon Moffatt breaks down why Continuous Identity beats static permissions sgnl.ai/2025/09/stal...
#ContinuousIdentity #AccessControl

SGNL welcomes the publication of the final Shared Signals and CAEP specifications! Publication represents over 6 years of work from tens of companies

OpenID Foundation published final SSF, CAEP & RISC specs after 6+ years.

Game-changer for identity security: systems can now share session changes instantly (device compromise, risky location, etc.) instead of polling or guessing.

Real-time decisions = no exposure windows.

sgnl.ai/2025/09/sgnl...

Continuous Identity Sessions Practical guidance for building better IAM programs

Introducing... the Continuous Identity Sessions!

ep1: @iglazer.bsky.social breaks down what "Continuous Identity" actually means and the practical steps for evolving your existing IAM investments without starting over

Subscribe to the series to get alerted of all new episodes:
sgnl.ai/sessions/

Your PAM vendor was acquired. What does that mean for your cloud roadmap? Recent acquisitions in the PAM space are creating uncertainty, especially as existing solutions struggle with cloud demands. It's time to assess whether your PAM roadmap aligns with your cloud …

Your PAM vendor just got acquired. Now what?

@mathamlin.bsky.social breaks down what security teams should actually do—and why this might be the perfect opportunity to rethink privileged access entirely.

sgnl.ai/2025/08/pam-...

How SGNL helps you meet and exceed your compliance mandates Traditional compliance approaches rely on periodic access reviews and static snapshots, but modern regulatory demands require real-time visibility into access decisions and the business context that …

Audits don't have to be painful quarterly scrambles. Continuous Identity actually makes compliance requirements easier to meet while improving your security posture. Win win. New post on how real-time access controls support SOC 2, ISO 27001, and PCI DSS frameworks. sgnl.ai/2025/08/how-...

What is Continuous Identity, and why every IAM team should care The traditional IAM playbook is failing at machine speed—here's why Continuous Identity represents the generational shift identity teams need to understand and adopt now.

Identity systems make static decisions in a dynamic world. That's the fundamental problem.

@iglazer.bsky.social explains Continuous Identity and why access decisions need to adapt in real time to who you are, where you are, and what's changing around you. sgnl.ai/2025/07/what... #ContinuousIdentity

The throughline from CSP to Continuous Identity, and the case for real-time Zero trust architecture promises to verify every access request, but most systems still rely on static tokens that can't adapt to changing context—the Continuous Security Paradigm showed us the …

Identity security is hitting an inflection point. Static policies can't keep up with AI agents, remote work, and machine-speed threats.
Our latest post covers why #ContinuousIdentity matters and how real-time identity orchestration is becoming table stakes for enterprises. sgnl.ai/2025/07/csp-...

Exceed NIST 1800-35’s Zero Trust demonstrations with continuous, context-aware identity NIST's new Zero Trust guide proves ZTA works in practice… but also reveals exactly why current approaches still leave critical gaps that only continuous identity can fill.

NIST's new Zero Trust guide proves ZTA works—but reveals critical gaps. JIT Provisioning ≠ Zero Standing Privilege. True ZSP needs ephemeral access, not temporary roles. @mathamlin.bsky.social gives the analysis: sgnl.ai/2025/07/nist...
#continuousidentity #zsp

Aligning identity with business goals The short and sweet masterclass on making IAM initiatives a win-win for the broader business

Identity programs that don't align with business outcomes get defunded. It's that simple. @iglazer.bsky.social breaks down how to shift from reactive identity management to strategic business enablement through a little business translation.

🔗 sgnl.ai/2025/06/alig... #IAM #IdentitySecurity

What I took away from the Gartner SRM conference IAM and Gen AI stole the show!

Gartner SRM made one thing clear: static roles and standing privileges aren't cutting it anymore
Atul Tulshibagwale breaks down the key themes from the conference floor, covering everything from AI agent security to why enterprises are finally embracing dynamic access control
sgnl.ai/2025/06/gart...

Why CSPM and CIEM can tell you where it Hurts, but can’t make you better CSPM and CIEM tools excel at showing you every cloud security risk, but like getting an X-ray without a doctor, they leave you staring at problems without the power to actually fix them.

#CSPM & #CIEM tell you where it hurts. But they can’t make you better.

Scott Kriz's latest post explores why that’s a problem, and how identity-first security can actually fix things in your cloud.

🔗 sgnl.ai/2025/06/why-...

Come see us at #Identiverse2025 this week and check out a live demo!

Press release: SGNL launches MCP Gateway to enable secure AI adoption for enterprise workforces SGNL delivers the missing control plane for AI, bringing continuous, real-time, context-aware access control to every MCP-enabled interaction

SGNL’s MCP Gateway is LIVE! 🚀

AI agents are reshaping enterprise workflows, but traditional access controls can’t keep up. SGNL’s MCP Gateway delivers continuous, real-time, context-aware access control for every interaction.

Secure AI adoption starts here: sgnl.ai/2025/06/pres...

Seven must-attend Gartner SRM sessions for identity-driven security leaders From Zero Trust wins to GenAI risk strategy, here are our seven can’t-miss sessions for identity-first security leaders heading to Gartner SRM 2025.

Identity is finally center stage at Gartner SRM 2025. We picked 7 standout sessions every identity-first security leader should catch from Zero Trust wins to GenAI risk management.
sgnl.ai/2025/05/seve...

Must-see Identiverse sessions for modern access control If you’re heading to Identiverse 2025 and your work involves continuous access, modern privileged identity strategies, or enterprise authorization, this year’s agenda delivers. We’ve pulled …

Going to Identiverse? We pulled together a list of sessions that dive into modern access control—things like continuous evaluation, policy-based access, and what Zero Trust actually looks like in practice.

sgnl.ai/2025/05/must...

#Identiverse #AccessControl #IAM #ZeroTrust

2040 IAM vision, today’s reality: Zero Standing Privilege takes center stage Martin Kuppinger's 2040 IAM predictions are already becoming reality as zero standing privilege emerges as the clear path forward for modern enterprises.

At KuppingerCole’s EIC last week, the identity vision for 2040 was bold — but some of it is already in motion.

@iglazer.bsky.social broke down what’s actually achievable today, where orgs are making progress, and why timing matters more than ever in access decisions.

sgnl.ai/2025/05/kupp...

How AuthZEN, and Shared Signals & CAEP complement each other Most cyber attacks leverage identities. AuthZEN, and Shared Signals and CAEP complement each other, making them our best defense against such attacks.

Real-time access enforcement needs more than signals- it needs meaning.

Atul TUlshibagwale from @sgnl.bsky.social explains how AuthZEN + Shared Signals form the missing link in modern Zero Trust: openid.net/how-authzen-...

#AuthZEN #CAEP #identitysecurity

Granular access control for cloud applications: why it matters and how to get it right Static roles and outdated PAM tools don’t cut it in the cloud. Here’s how SGNL enables real-time, granular access control that scales with your risk.

Too many orgs are still giving users way more access than they need.

New post: Why granular access control is the key to cloud app security—and how to actually pull it off.

Read the blog: sgnl.ai/2025/04/gran...

#cybersecurity #cloudsecurity #leastprivilege

The impact of device posture on identity security User identity is only half the story. Learn how device posture shapes secure access decisions and how SGNL makes it actionable in real time.

Identity decisions shouldn’t stop at the user. Device posture matters, especially in a zero-trust world.
In our latest post, Atul Tulshibagwale unpacks what device posture means, why it’s often overlooked, and how to make it actionable.
sgnl.ai/2025/04/the-...
#identitysecurity #zerotrust

The OWASP NHI top 10: a step forward for non-human identity security Ian Glazer breaks down the new OWASP NHI Top 10 and shares why it’s a critical step toward securing non-human identities.

The OWASP NHI Top 10 dropped and updates are underway, and it’s more than just a list. It’s a turning point for identity in application security.

@iglazer.bsky.social breaks down what it means, what to do next, and why it matters more than ever.

🔗 sgnl.ai/2025/04/owas...

Staying ahead: powering smarter cloud incident response How SGNL enables dynamic access control and real-time response during cloud security incidents—reducing risk without disrupting operations.

Cloud outage? Most teams rush to triage and comms. But what about access? @erikgustavson.bsky.social has thoughts.

Smart take for anyone thinking about identity as a live system, not just a static control.

📖 sgnl.ai/2025/04/dyna...

Happy Identity Management Day to all who celebrate (and honestly… everyone should be) 🎉

Your identity is your security perimeter. And if access isn’t being continuously evaluated using meaningful context, it’s probably being misused. Cheers!

#IdentityManagementDay #IAM #IdentitySecurity

Why traditional PAM fails in the cloud—and what to do instead Traditional PAM tools weren't built for the cloud—how modern privileged identity management (MPIM) offers a better path to secure cloud access.

Legacy PAM doesn’t work in the cloud.
It’s slow. It’s static. It wasn’t built for identity-first access.

Here’s what a modern approach looks like in practice 👇
🔗 sgnl.ai/2025/04/why-...

#cybersecurity #cloudsecurity #identitysecurity #PAM #infosec

How to secure your CI/CD pipeline with SGNL Learn how SGNL works to enforce security in GitHub and GitLab workflows using rich, teal-time context.

CI/CD pipelines are high-speed, high-risk.

Our latest blog breaks down how SGNL integrates with @github.com and @gitlab.com to secure your workflows—without slowing things down.

👉 sgnl.ai/2025/04/gith...

#DevSecOps #CI_CD #AccessControl #GitHub #GitLab #SGNL

Gartner IAM Summit London 2025: key takeaways from the ground Mat Hamlin’s key insights from the Gartner IAM Summit 2025, where identity-first security and Zero Standing Privilege took center stage.

Just back from #GartnerIAM London

Mat Hamlin from the SGNL crew dropped a recap of the big takeaways—and what people weren’t talking about (👀 authorization, anyone?).

A quick, insightful read for anyone keeping tabs on IAM in 2025:
sgnl.ai/2025/03/gart...

As AI agents become integral to enterprise operations, managing their access to sensitive data is critical.​

Announcing SGNL's support for the Model Context Protocol (MCP), ensuring dynamic, real-time security for AI-driven automation.

Learn more sgnl.ai/2025/03/mcp-...

#AI #AccessManagement #MCP

Gartner IAM London 2025 main stage with Atul Tulshibagwale presenting

Gartner IAM London 2025 interop session. Full room of people viewing interoperability sessions with SGNL's CAEP Hub

Just wrapped an incredible few days at #GartnerIAM London! SGNL CTO Atul Tulshibagwale led a session on building a trust fabric with SSF & CAEP + hosted the Interop event with the OpenID Foundation. Exciting to see so many orgs aligning on open standards for real-time identity security.

Leveraging Continuous Access Evaluation Profile (CAEP) for Cloud Security Learn how CAEP enhances cloud security by addressing risks like stale sessions and compromised devices.

Stale sessions and compromised devices are common risks in cloud environments—and they’re tough to manage with traditional access controls. Atul Tulshibagwale explains how CAEP helps cloud services respond dynamically to security changes, improving zero-trust security.
sgnl.ai/2025/03/caep...

How can open standards power real-time identity security?

Join SGNL CTO Atul Tulshibagwale at Gartner IAM London as he leads a panel on how SSF & CAEP enable real-time, secure identity decision-making across organizations.
March 24 | 11:45 AM GMT

Learn more: