🔐 Identity Lifecycle Verifier 📂 Load Sample Data ⬆ Import JSON ⬇ Export JSON ⚙ Configure 📊 Dashboard ⚠ Risk Matrix ✅ Recommendations Global Settings Define thresholds and audit scope Organization Name Dormancy Threshold (days) Accounts inactive beyond this period are flagged dormant. Access Review Frequency Monthly (30 days) Quarterly (90 days) Semi-annually (180 days) Annually (365 days) Audit Reference Date Add Identity Systems Paste a comma-separated list or use the sample data to get started Bulk Import (comma-separated) + Add Systems Active Systems System Configuration Set identity counts and audit dates per system. Estimates are fine. System Total IDs Dormant Last Audit Offboard Gaps 🗂 Add identity systems on the left to begin configuration.
...
We Built a Free Identity Lifecycle Dashboard. Here’s How to Use It. Most IAM assessments start the same way. Someone asks how many dormant accounts the organization has, and nobody can answer.
It’s not that the data doesn’t exist. It does. It’s just scattered across Active Directory, Entra, Okta, AWS IAM, and a dozen SaaS tools, each with its own audit log format and review cycle. Nobody’s pulled it together, nobody’s scored it, and nobody’s asked the obvious next question: where are the gaps and what do we do about them?
...
The Identity Lifecycle Gaps Nobody’s Talking About Every security program talks about access control. Most have onboarding frameworks. Some have offboarding procedures.
What almost nobody has is a system that actually handles the identity in between. The one that’s still in your systems six months after someone left. The one nobody formally revoked. The one sitting there with standing privilege.
This post is about why identity lifecycle management fails at scale and what it costs when it does.
...
Explains how NIST 800 63-4 updates password and authentication guidelines to emphasize usability, stronger passphrases, and modern multi-factor security.
Securing the Future: A First Look at SANS Critical AI Security Controls v1.1 Introduction Artificial intelligence is no longer experimental—it’s embedded in production workflows, critical infrastructure, and high-stakes decision-making. But while AI evolves rapidly, security practices have struggled to keep pace. Enter the SANS Critical AI Security Controls (v1.1)—a new framework aiming to establish foundational, adaptable, and actionable controls for securing AI systems.
This blog breaks down the key components of the SANS draft, explains their relevance, and suggests first steps organizations can take today.
...
Cybersecurity Compliance in 2025: What You Need to Know and How to Prepare Introduction Cybersecurity compliance isn’t just for auditors and policy writers anymore—it’s now a strategic priority for every organization. With new regulations taking effect, major frameworks being updated, and cloud services under growing scrutiny, 2025 is a pivotal year for compliance professionals, IT leaders, and security practitioners alike.
In this post, we’ll walk through:
Key compliance updates for 2025 The role of frameworks like NIST and FedRAMP Emerging enforcement trends A hands-on checklist to evaluate your current posture Whether you’re building from scratch or refining a mature program, this guide will help you stay ahead.
...