Black Hat Fireside Chat: Easy come, easy go access strengthens ‘Identity Threat Detection & Response’

By Byron V. Acohido

The rise of the remote workforce, post Covid-19, did nothing to make the already difficult task of doing Identity and Access Management (IAM) any easier for CISOs.

Related: Exposing Shadow IT

With Black Hat USA 2023 ramping up in Las Vegas next week, cybersecurity startup Trustle is championing a new product category—Identity Threat Detection & Response (ITDR)—which aims to enhance the capabilities of legacy IAM solutions.

Companies today are struggling to answer fundamental questions about their cloud environments, such as, who are my users and what can they access? How did they obtain this access? When they don’t need this access, do their identities still exist? Questions like these are a driving force behind the adoption of ITDR, which is becoming a crucial component in the realm of Cloud Infrastructure Entitlement Management (CIEM) and access management.

I had the chance to sit down with Trustle CEO Emiliano Berenbaum to learn just how ITDR can help companies much more efficiently manage user identities and access privileges, while also strengthening security, in an increasingly complex operating environment. For a drill down, please give the accompanying podcast a listen.

Guest expert: Emiliano Berenbaum, CEO, Trustle

For its part, Trustle is focused on taking a more advanced approach to needs-based access control. Trustle feels that if it’s easy for employees to obtain the access they need to do their job, it will be easy to give it up when they are done needing it. Alternatively, if it’s hard to get access because the process is complicated and slow, those employees are going to push back harder on giving up the access once they get it, yet may no longer need it – posing access-at-risk to the organization.

“The big thing is managing entitlements across multiple SaaS applications,” Berenbaum told me. “Today, it’s more of a manual process and we’re trying to automate that more and more with machine learning.”

As we move deeper into massively interconnected services, more granular vetting of user identities and access privileges surely makes good sense. Will ITDR arise as a critical component of securing modern networks. I’ll keep watch and keep reporting.


Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.

(LW provides consulting services to the vendors we cover.)

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someone