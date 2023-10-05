The US cybersecurity agency CISA and the NSA have published new guidelines for implementing identity and access management. This guidance focuses specifically on the challenges facing developers and vendors. The guidance was released six months after guidance for IAM administrators and is intended for large organizations. The new publication focuses on best practices to help organizations reduce the impact of threats to IAM.

The document shows techniques that threat actors commonly use to gain access to systems in order to obtain stored credentials. It also points out that Iranian threat actors have been observed exploiting IAM vulnerabilities to compromise credentials and escalate privileges. That access could be leveraged for data exfiltration, encryption, and other malicious activities. The two agencies also noted an increase in exploitation of Single Sign-On functions to gain access to resources throughout the victim organization.

