The article compares the security features of AWS Elastic Kubernetes Service (EKS) and Google Kubernetes Engine (GKE), focusing on key areas such as identity and access management, network traffic control, configuration management, vulnerability management, and runtime threat detection. It highlights the differences in default settings and capabilities of both managed services, emphasizing aspects like IAM integration, firewall options, and runtime security tools.

The article discusses the security implications of escalating privileges to a global admin in Entra ID, highlighting potential vulnerabilities and the importance of secure access management. It emphasizes the need for organizations to adopt best practices to mitigate risks associated with elevated privileges in identity management systems.

Non-human identities (NHI) are rapidly increasing in enterprises due to the rise of cloud infrastructure, posing unique security challenges that traditional identity management approaches cannot address. Effective management of NHIs requires collaboration between identity and platform teams to establish security policies that prioritize automation and optimize developer experience. Solutions such as secrets management and lifecycle management are essential for mitigating risks associated with NHIs.

A critical flaw in Microsoft Entra ID, involving undocumented actor tokens and a vulnerability in the Azure AD Graph API, allowed potential global access to any organization's tenant without leaving logs of the actions taken. Security researcher Dirk-jan Mollema discovered that these actor tokens could be exploited to impersonate users, including Global Administrators, leading to severe security risks. Microsoft has since patched the vulnerability and is in the process of deprecating the affected API service.

The article discusses the often-overlooked vulnerabilities associated with SCIM (System for Cross-domain Identity Management) implementations, emphasizing the need for comprehensive security audits beyond traditional Single Sign-On (SSO) concerns. It highlights common bugs, such as authentication bypasses and internal attribute manipulation, that can arise due to the complexities of integrating SCIM with various platforms. The author provides insights into potential attack vectors and best practices for securing SCIM systems.

Red Hat OpenShift Virtualization, combined with HashiCorp Vault, addresses the secret zero problem in virtualized infrastructures by establishing machine identities for VMs. The article explores how to implement secure introductions and leverage Kubernetes-native patterns to enhance security and streamline operations for virtual machines.

BSides Seattle 2025 highlighted the pressing need to reevaluate security systems and identity management in light of non-human identities (NHIs) and the inadequacies of current frameworks. Keynotes from experts called for a shift towards attested, ephemeral identities that reflect the realities of system usage and stress, emphasizing that security must be user-friendly and resilient against human error. The event underscored the importance of building systems that work effectively under pressure and are designed with the complexities of modern infrastructure in mind.

Security should be integrated into platform engineering to enhance developer autonomy and innovation rather than act as a gatekeeper. By leveraging policy-as-code, centralized secrets management, and identity-based authentication, organizations can create a security framework that supports rapid development while maintaining robust protection against risks. This approach fosters collaboration between security and development teams, enabling a more efficient and secure workflow.

The article discusses the importance of identity lifecycle management (ILM) and how job management lifecycle (JML) processes can be streamlined to enhance security and efficiency in organizations. It emphasizes the need for automated solutions to manage employee identities and access rights effectively throughout their employment journey. By implementing robust ILM strategies, companies can reduce risks and improve compliance with regulations.